[Newsclips] IETF SYN-ACK Newspack 2020-07-20

David Goldstein <david@goldsteinreport.com> Mon, 20 July 2020 12:54 UTC

Return-Path: <david@goldsteinreport.com>
X-Original-To: newsclips@ietfa.amsl.com
Delivered-To: newsclips@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8F3623A08DC for <newsclips@ietfa.amsl.com>; Mon, 20 Jul 2020 05:54:52 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.371
X-Spam-Level:
X-Spam-Status: No, score=0.371 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, HTML_OBFUSCATE_05_10=0.26, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_TVD_FUZZY_SECURITIES=0.01, URIBL_BLOCKED=0.001, URI_TRY_3LD=1.999] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ejf6x3N5SqQz for <newsclips@ietfa.amsl.com>; Mon, 20 Jul 2020 05:54:49 -0700 (PDT)
Received: from karkinos.atomiclayer.com (karkinos.atomiclayer.com [96.125.178.142]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id DB2BC3A08DE for <newsclips@ietf.org>; Mon, 20 Jul 2020 05:54:48 -0700 (PDT)
Received: from DavidDesktop2019 (unknown [60.227.219.141]) by karkinos.atomiclayer.com (Postfix) with ESMTPSA id 5A7E6280C7B for <newsclips@ietf.org>; Mon, 20 Jul 2020 08:54:42 -0400 (EDT)
Authentication-Results: karkinos.atomiclayer.com; spf=pass (sender IP is 60.227.219.141) smtp.mailfrom=david@goldsteinreport.com smtp.helo=DavidDesktop2019
Received-SPF: pass (karkinos.atomiclayer.com: connection is authenticated)
From: "David Goldstein" <david@goldsteinreport.com>
To: <newsclips@ietf.org>
Date: Mon, 20 Jul 2020 22:54:40 +1000
Organization: Goldstein Report
Message-ID: <000001d65e94$f277da40$d7678ec0$@goldsteinreport.com>
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="----=_NextPart_000_0001_01D65EE8.C424D4A0"
X-Mailer: Microsoft Outlook 16.0
Thread-Index: AdZelODUeWiwg7WOTaiaigaEjP9P2w==
Content-Language: en-au
Archived-At: <https://mailarchive.ietf.org/arch/msg/newsclips/v4fNGuAQqT0q2H7C8Mg2fqV3ODk>
Subject: [Newsclips] IETF SYN-ACK Newspack 2020-07-20
X-BeenThere: newsclips@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF News Clips <newsclips.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/newsclips>, <mailto:newsclips-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/newsclips/>
List-Post: <mailto:newsclips@ietf.org>
List-Help: <mailto:newsclips-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/newsclips>, <mailto:newsclips-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 20 Jul 2020 12:54:53 -0000

**********************

IETF IN THE NEWS

**********************

Building a diverse and strong Internet Society Board of Trustees

The Internet Society’s 2020 AGM (Annual General Meeting) is going to be held on the first weekend of August. While the meeting had originally been planned as a face-to-face meeting, the Board decided to turn it into an online meeting instead given the current COVID-19 pandemic. ... As you know, the Board is selected and elected by our community, with the IETF, Organizational Members, and Chapters each independently choosing a third of the Trustees. Next year, at the 2021 AGM, three trustees will be reaching their term limit and, thus, will be leaving the Board. Having recently concluded this year’s election, now is an optimum moment to think about how to make sure our community has a great set of candidates to choose from next year.

<https://www.internetsociety.org/blog/2020/07/building-a-diverse-and-strong-internet-society-board-of-trustees/>

 

Successful European Engagement in the IETF: A French early bird (or early fox) in IoT

Interview with Juan Carlos Zuniga, Sigfox - Sigfox was an early bird in IoT, offering sensor networking for agriculture or logistic methods, luring customers with a full-service package – from the sensors to the network. The French company embraced standardisation for data formats early on and found a place in the IETF.

<https://www.centr.org/news/blog/successful-european-engagement-in-the-ietf-a-french-early-bird-or-early-fox-in-iot.html>

 

How China is trying to create a new internet in its own image

... TCP/IP continues to evolve. One example is the Google QUIC project that speeds up networking and that now is maturing into an industry standard at the IETF, a key organization charting the future of the internet.

<https://www.digitalmarketnews.com/how-china-is-trying-to-create-a-new-internet-in-its-own-image/>

 

China has big ideas for the internet. Too bad no one else likes them

... A Futurewei presentation calls for evolution to take place instead at an ITU group for New IP and suggests "IETFers" join in. If they did, it would bring new clout for the government-controlled effort and weaken the existing process.

<https://www.cnet.com/news/china-has-big-ideas-for-the-internet-too-bad-no-one-else-likes-them/>

<https://www.msn.com/en-us/news/technology/china-has-big-ideas-for-the-internet-too-bad-no-one-else-likes-them/ar-BB16RstQ>

 

We drive openness to let the ecosystem innovate on the 5G platform

... Our approach to openness involves coordinated efforts across standardization bodies, open source projects, alliances and partnerships. On top of our work with 5G in 3GPP, we are actively contributing in several other alliances – the IEEE, IETF, ONAP and O-RAN Alliance, among others – that aim to achieve global scale with a strong ecosystem, boost innovation and help customers differentiate.

<https://www.ericsson.com/en/future-technologies/openness-in-mobile-networks>

 

How to Use SFTP to Safely and Quickly Send Files

... Now, let’s further explain what these protocols actually mean. SSH Protocol: Secure Shell Protocol was first developed in 2006 by the IETF to replace older shell protocols that weren’t as secure. It’s used to create a protected connection between the remote server and a computer. It utilizes a public key encryption method to provide secure user authentication and encrypted communications across the internet.

<https://learn.g2.com/what-is-sftp>

 

Summary: Report on Non-Personal Data Framework released by MEITY's Committee of Experts

... These obligations must be fulfilled whether or not the business is regulated by another sectoral regulator. Submit metadata about data user and community with details such as classification, closest schema, volume, etc. The directory of data classification and scheme will be published by NDPA, to which businesses that deal with new types of data are encouraged to make improvements and extensions. Additions to the list will go “through a peer review, academic review process as per IETF framework, guided by a Technical Advisory body created as per Open API guideline”.

<https://www.medianama.com/2020/07/223-summary-non-personal-data-report-meity/>

 

Unified Payment Interface: Towards Greater Cyber Sovereignty

... The NPCI must act urgently to institute multistakeholder standard-setting processes for the UPI at the earliest, in line with global bodies such as the W3C and the IETF.

<https://www.orfonline.org/research/unified-payment-interface/>

 

Co je dobré, špatné a ošklivé na IPv6, vysvětluje Geoff Huston [What's Good, Bad and Ugly on IPv6, explains Geoff Huston]

... Já neříkám, že je to blbost nebo že nemá Geoff Huston pravdu (jinak bych o tom asi nepsal článek), jenom říkám, že tady jsou určité konflikty ve směru vývoje IETF, kde se čím dál více dbá na nějakou formu TLS a DNS možná i s ohledem na IPv6 a problematice náročnosti toho všeho v praxi. Nebo mi chcete tvrdit, že v IETF neví, co dělají?

<https://www.root.cz/zpravicky/co-je-dobre-spatne-a-osklive-na-ipv6-vysvetluje-geoff-huston/>

 

Campagne de promotion du domaine « .cm » au Cameroun [Campaign to promote the ".cm" domain in Cameroon]

... Selon l’ANTIC, le .cm est sécurisé et garantit l’authenticité et l’intégrité des transactions grâce au protocole Dnssec, le protocole standardisé par l’IETF, qui élabore et promeut des standards Internet. Cela permet de résoudre certains problèmes de sécurité liés au protocole DNS.

<https://cio-mag.com/campagne-de-promotion-du-domaine-cm-au-cameroun/>

 

5G : Verizon et Digital Catapult créent un programme d'accélération pour le retail [5G: Verizon and Digital Catapult create retail acceleration program]

... Pour Chester Wisniewski, principal research scientist chez l'entreprise de sécurité Sophos, Oscore est encore trop peu connu : "Ce protocole est une excellente nouvelle pour les industriels mais il faudrait que les fabricants s'emparent du sujet", estime-t-il. L'organisme IETF travaille sur la standardisation de Lake, une procédure légère d'échange de clés authentifiées afin d'assurer la confidentialité des retransmissions, pour compléter Oscore.

<https://www.journaldunet.com/web-tech/dictionnaire-de-l-iot/1196828-5g-verizon-et-digital-catapult-creent-un-programme-d-acceleration-pour-le-retail/>

 

Im 3 MBit/s Beispiel ist AV1 aber etwas besser als VVC [In the 3 Mbps example, AV1 is slightly better than VVC]

... Zudem darf man nicht vergessen, dass AV1 auch in Hinblick als Kandidant für IETF's NetVC entwickelt wurde (Opus als Internetstandard für Audio wurde vom IETF ja bereits erkoren) und im Grunde jeder große Videostreaminganbieter und Chiphersteller sich unter den Unterstützern zählt.

<https://forum.golem.de/kommentare/applikationen/h.266-alias-vvc-schoen-langsam-zukunft-ungewiss/im-3-mbit-s-beispiel-ist-av1-aber-etwas-besser-als-vvc/136243,5702113,5702345,read.html>

 

Trung Quốc đang manh nha xây dựng một mạng Internet mới, không "kết nối" với Internet toàn cầu hiện tại [China is trying to build a new Internet, not "connected" to the current global Internet]

... TCP/IP vẫn đang được phát triển. Một ví dụ là dự án QUIC của Google đã giúp tăng tốc độ mạng và đang được hoàn thiện để trở thành một tiêu chuẩn công nghiệp tại tổ chức IETF, đây là tổ chức quan trọng trong định hình tương lai của internet.

<https://vnreview.vn/tin-tuc-xa-hoi-so/-/view_content/content/3212214/trung-quoc-dang-manh-nha-xay-dung-mot-mang-internet-moi-khong-ket-noi-voi-internet-toan-cau-hien-tai>

 

Kaĸ Kитaй иcĸa дa cъздaдe coбcтвeн интepнeт? [How does China want to create its own Internet?]

... Πpeзeнтaциятa нa Futurеwеі изиcĸвa eвoлюциятa дa ce cъcтoи в гpyпaтa нa ІТU зa Nеw ІР и пpeдлaгa дa ce пpиcъeдинят „ІЕТFеrѕ“. Aĸo тoвa cтaнe, щe дoвeдe дo нoви ycилия cpeщy ĸoнтpoлиpaнитe oт пpaвитeлcтвoтo дeйcтвия, ĸaĸтo и щe oтcлaби дeйcтвaщия вeчe пpoцec.

<https://www.kaldata.com/it-новини/как-китай-иска-да-създаде-собствен-инт-340758.html>

 

为每一粒沙子加上地址,对话爱奇艺IPv6 团队 [Add an address to each grain of sand and talk to the Aichi IPv6 team.]

... IPv6是Internet Protocol Version 6的缩写,其中InternetProtocol译为“互联网协议”。IPv6是IETF(互联网工程任务组,InternetEngineering Task Force)设计的用于替代现行版本IP协议(IPv4)的下一代IP协议,IPv6将IPv4中32位的地址长度扩展到了128位,使用IPv6,可以让全世界的每一粒沙子都能分配到一个IP地址。

<https://www.csdn.net/article/2020-07-14/2827220>

 

**********************

INTERNET OF THINGS

**********************

eu: Sector inquiry into Consumer Internet of Things

The Commission launched the inquiry into the sector of Internet of Things for consumer-related products and services in the European Union on 16 July 2020 (see the press release) on the basis of European Union ("EU") competition rules, in particular Article 17 of Regulation 1/2003. It is part of the Commission’s digital strategy and follows an announcement in the Commission’s Communication on Shaping Europe’s digital future.

<https://ec.europa.eu/competition/antitrust/sector_inquiries_internet_of_things.html#:~:text=Internet of Things The Commission launched the inquiry,rules%2C in particular Article 17 of Regulation 1%2F2003.>

 

Q&A: the Internet of things and mining’s digital future with Inmarsat

The global mining sector is undergoing an Internet of Things (IoT) revolution according to new research by Inmarsat, with respondents reporting a significant increase in adoption of IoT technologies. We speak to Inmarsat global mining director Joe Carr to discuss the study’s findings and what IoT means for mining’s digital future.

<https://www.mining-technology.com/features/qa-the-internet-of-things-and-minings-digital-future-with-inmarsat/>

 

**********************

SECURITY & PRIVACY

**********************

Why has DNSSEC increased in some economies and not others?

In April this year, DNSSEC passed a milestone, reaching 25% validation worldwide. It continues an incredible turnaround for the often criticized security protocol, thanks largely to high adoption rates in Saudi Arabia and Nordic economies, all of which have DNSSEC validation rates well above 80%. This is in stark contrast to my home economy, Japan, where the adoption rate has lingered below 10% for the past six years.

<https://blog.apnic.net/2020/07/10/why-has-dnssec-increased-in-some-economies-and-not-others/>

 

Much Of The Internet Went Down Yesterday: Here’s The Reason Why

It's not been the best of weeks as far as cybersecurity goes. A critical Windows Server worm emerged that caused the Department of Homeland Security to issue an emergency directive ordering federal agencies to update. Then there was the Twitter hack, of course. So when a whole bunch of popular websites goes down at much the same time, many people will assume that a cyber-attack is underway. ... It turned out not to be nation-state threat actors hitting some internet kill switch, but rather a problem with one of the largest companies providing secure DNS services and denial of service protection. That company is Cloudflare, whose homepage proudly declares that it helps "keep thousands of business online." So, what went wrong?

<https://www.forbes.com/sites/daveywinder/2020/07/18/internet-down-human-error-not-cyber-attack-to-blame-says-cloudflare/>

 

This Is Why Half the Internet Shut Down Today

Scores of websites and services went down Friday afternoon due to problems with Cloudflare’s DNS service, sparking rampant speculation about the cause. After all, a global DDOS attack would totally fit the real-life apocalypse movie that 2020 is increasingly turning into.

<https://www.gizmodo.com.au/2020/07/this-is-why-half-the-internet-shut-down-today/>

 

Cloudflare outage on July 17, 2020

Today a configuration error in our backbone network caused an outage for Internet properties and Cloudflare services that lasted 27 minutes. We saw traffic drop by about 50% across our network. Because of the architecture of our backbone this outage didn’t affect the entire Cloudflare network and was localized to certain geographies.

<https://blog.cloudflare.com/cloudflare-outage-on-july-17-2020/>

 

MANRS Welcomes Three New CDN and Cloud Participants

The MANRS Content Delivery Network (CDN) and Cloud Program continues to grow in numbers and in strength with three new participants.

<https://www.internetsociety.org/blog/2020/07/manrs-welcomes-three-new-cdn-and-cloud-participants/>

 

HTTPS — How it protects browser users on the Internet today

Hypertext Transfer Protocol Secure (HTTPS) is a secure extension of the Hypertext Transfer Protocol (HTTP). HTTPS secures communications over the Internet, adding a layer of security for your data, by enabling encrypted communications between your browser and a website.

<https://blog.apnic.net/2020/07/08/https-how-it-protects-browser-users-on-the-internet-today/>

 

How to detect if your domains are being abused for phishing attacks

At the Dutch Tax and Customs Administration, we’ve worked for years to build a strong relationship with taxpayers based on trust.

<https://blog.apnic.net/2020/07/07/how-to-detect-if-your-domains-are-being-abused-for-phishing-attacks/>

 

ENISA unveils its New Strategy towards a Trusted and Cyber Secure Europe

This publication by the European Union Agency for Cybersecurity outlines the Agency’s strategic objectives to boost cybersecurity, preparedness and trust across the EU under its new strengthened and permanent mandate.

<https://www.enisa.europa.eu/news/enisa-news/enisa-unveils-its-new-strategy-on-cybersecurity-for-a-trusted-and-cyber-secure-europe>

 

Cybersecurity Information Sharing Success Stories

The theory behind cybersecurity information sharing is clear and uncontroversial, even if the details of what to share, how best to do it and who to share with may sometimes result in debate and disagreement. The theory goes that organizations are better off sharing information and improving situational awareness than trying to recognize and face cyber threats and challenges on their own. Some collective and coordinated efforts can help to identify, learn about and fend off threats and would-be attackers—as compared to acting individually with less information and situational awareness. That is also a reason why armies gather intelligence, where feasible, before going to battle.

<https://cyberlaw.stanford.edu/publications/cybersecurity-information-sharing-success-stories>

 

us: Executive Order Shines a Light on Cyberattack Threat to the Power Grid

It aims to protect the U.S. bulk-power system, but local electricity networks are just as vulnerable

<https://spectrum.ieee.org/energywise/energy/policy/executive-order-shines-a-light-on-cyberattack-threat-to-the-power-grid>

 

EU Cybersecurity: Commission launches public consultation on the NIS directive

The Commission launched a public consultation on the revision of the Directive on security of network and information systems (the NIS Directive). Since the current Directive entered into force in 2016, the cyber-threat landscape has been evolving quickly. The Commission now plans to kick-start the procedure for the revision of the NIS Directive, starting with a public consultation that aims to collect views on its implementation and on the impact of potential future changes.

<https://ec.europa.eu/digital-single-market/en/news/eu-cybersecurity-commission-launches-public-consultation-nis-directive>

 

Commission launches Women4Cyber, a registry of talents in the field of cybersecurity

Today the Commission together with the Women4Cyber initiative of the European Cybersecurity Organisation (ECSO) launched the first online registry of European women in cybersecurity that will connect expert groups, businesses and policy makers to talents in the field. The registry is an open, user-friendly database of women that have expertise in cybersecurity, aiming to address the growing demand for cybersecurity professionals in Europe and the related shortage of talents in the field.

<https://ec.europa.eu/digital-single-market/en/news/commission-launches-women4cyber-registry-talents-field-cybersecurity>

 

The TLS 1.2 Deadline is Looming, Do You Have Your Act Together? Sponsored by: RiskRecon

In the pantheon of security configuration duties for organizations running internet assets, maintaining the latest TLS encryption protocols to keep the cryptographic apparatus at full strength is one of the most fundamental. TLS provides cover for the most sensitive personal and financial information that moves across the internet. As experts in measuring and monitoring third-party risk, RiskRecon and the data scientists from Cyentia Institute recently published a new report that leveraged unique scan data from millions of web servers around the world, via the RiskRecon platform, to see where the rollout of TLS 1.2 is going smoothly and where it is meeting resistance. 

<https://threatpost.com/riskrecon-the-tls-1-2-deadline-is-looming-do-you-have-your-act-together/157296/>

 

**********************

OTHERWISE NOTEWORTHY

**********************

MANRS Welcomes Three New CDN and Cloud Participants

The MANRS Content Delivery Network (CDN) and Cloud Program continues to grow in numbers and in strength with three new participants.

<https://www.internetsociety.org/blog/2020/07/manrs-welcomes-three-new-cdn-and-cloud-participants/>

 

In Africa, An Open Internet Standards Course for Universities

Seventy university students from the Democratic Republic of Congo (DRC), Ethiopia, Kenya, and Ghana gained insights into open Internet standards

<https://www.internetsociety.org/blog/2020/07/in-africa-an-open-internet-standards-course-for-universities/>

 

Infinera and Windstream Beam 800 Gigabits Per Second Through a Single Optical Fiber

For the first time, an 800 gigabit per second connection has been made over a live fiber optic link. The connection, a joint test in June conducted by Infinera and Windstream, beamed through a fiber optic line stretching from San Diego and Phoenix. If widely implemented, 800G connections could reduce the costs of operating long-haul fiber networks.

<https://spectrum.ieee.org/tech-talk/telecom/internet/infinera-and-windstream-beam-800-gigabits-per-second-through-a-single-optical-fiber>

 

Holding Steady: How CDNs, IXPs, and Network Providers Help Keep us Online

Although the COVID-19 pandemic is, unfortunately, far from over, the Internet continues to be resilient, supporting the additional demands that we have placed on it, including the rapid growth in online learning, work videoconferences, e-commerce, streaming video entertainment, and more.

<https://www.internetsociety.org/blog/2020/07/holding-steady-how-cdns-ixps-and-network-providers-help-keep-us-online/>

 

Chrome 84 released with important security enhancements

Google has released Chrome 84 today, July 14th, 2020, to the Stable desktop channel, and it includes numerous security enhancements and new APIs for developers. ... The QuicTransport API will allow web applications to connect to servers using the QUIC low latency and bi-directional transport protocol.

<https://www.bleepingcomputer.com/news/google/chrome-84-released-with-important-security-enhancements/>

------

David Goldstein

email:  <mailto:david@goldsteinreport.com> david@goldsteinreport.com

web:  <http://goldsteinreport.com/> http://goldsteinreport.com/

Twitter:  <https://twitter.com/goldsteinreport> https://twitter.com/goldsteinreport

phone: +61 418 228 605 - mobile; +61 2 9663 3430 - office/home