[Newsclips] IETF SYN-ACK Newspack 2022-02-28

[David Goldstein <david@goldsteinreport.com>]

The IETF SYN-ACK Newspack collects IETF-related items from a variety of news outlets and other online publications. They do not represent the views of the IETF and are not checked for factual accuracy.

 

 

**********************

IETF IN THE NEWS

**********************

Futures of Digital Governance

Digital technologies increasingly shape the way we live our lives, whether we interact with friends, engage with our communities, form our opinions about the world, or work and sometimes play and entertain ourselves. In parts of the world, various sectors of society—health, transportation, education, government, or media—are going through what is often described as a digital transformation process. The opportunities and challenges associated with these technology-induced changes in society and their implications for individuals are subject to extensive research and work by experts in different disciplines and from various areas of practice as well as the public at large. ... Looking back, universities and their members played a vital role in digital governance through both scholarship and practice, in activities as diverse as bringing idiosyncratic forms of governance ("rough consensus and running code") to the Internet Engineering Task Force (IETF), giving birth to ICANN, or piloting Creative Commons.

< <https://cacm.acm.org/magazines/2022/3/258905-futures-of-digital-governance/fulltext> https://cacm.acm.org/magazines/2022/3/258905-futures-of-digital-governance/fulltext>

 

Another Year of the Transition to IPv6

I bet that nobody believed in 1992 that thirty years later we’d still be discussing the state of the transition to IPv6! In 1992 we were discussing what to do about the forthcoming address crunch in IPv4 and having come to terms with the inevitable prospect that the silicon industry was going to outpace the capacity of the IPv4 address pool in a couple of years, we needed to do something quickly. We decided to adopt a new protocol, IP version 6, a couple of years later, and in December 1995 the IETF published RFC 1883, the specification of IPv6.

< <https://www.potaroo.net/ispcol/2022-02/ipv6-2021.html> https://www.potaroo.net/ispcol/2022-02/ipv6-2021.html>

< <https://blog.apnic.net/2022/02/21/another-year-of-the-transition-to-ipv6/> https://blog.apnic.net/2022/02/21/another-year-of-the-transition-to-ipv6/>



Notes from DNS-OARC 37

There was a meeting of the DNS Operations and Research group in February, DNS-OARC 37. These are my notes from the presentations that I found to be of interest. ... There is a new draft, ‘draft-dwmtwc-dnsop-caching-resolution-failures’ in the IETF’s DNSOP Working Group. The document updates RFC 2308 by explicitly requiring the resolver to cache the non-responsive state of the server against the query profile. Further queries for this query should (well, in the IETF terminology it’s a ‘MUST’) not be performed until the cached information expires. It also provides some guidance as to what is unresponsive, and here it’s a sequence of three queries. It is not as specific as to how ‘unresponsive’ is defined but suggests a local timeout of between three and 30 seconds. What about the timer to be applied to the cache entry? The document proposes a five second initial cache time, and an increasing cache time for subsequent resolution failures to a maximum of 300 seconds. Constraints should apply to querying the parent zone servers, and RFC 4697 describes such constraints, although is not as specific with suggested timers and retry limits.

< <https://www.potaroo.net/ispcol/2022-02/oarc37.html> https://www.potaroo.net/ispcol/2022-02/oarc37.html>

< <https://blog.apnic.net/2022/02/22/notes-from-dns-oarc-37/> https://blog.apnic.net/2022/02/22/notes-from-dns-oarc-37/>

 

Using Sender Policy Framework to Mitigate Spoofing

Sender Policy Framework (SPF) is an email verification system. First introduced through the Internet Engineering Task Force (IETF) in 2014, it helps determine whether a sender of a message has permission to use the specified domain.

< <https://www.datto.com/blog/using-sender-policy-framework-to-mitigate-spoofing> https://www.datto.com/blog/using-sender-policy-framework-to-mitigate-spoofing>

 

Ofcom Crackdown on Number Spoofing to Tackle UK SPAM Calls

Last year the national telecoms regulator, Ofcom, estimated that 44.6 million UK people may have received scam calls and text messages during just the three months of summer (here), with 2% of recipients being duped by them. In response, the regulator has today proposed changes to tackle the use of fake phone numbers. ... The Engineering Task Force (IETF) has been attempting to do this via their suit of STIR/SHAKEN protocols (i.e. STIR = Secure Telephony Identity Revisited / SHAKEN = Signature-based Handling of Asserted information using TOKENs), but initially that was only focused upon North America (USA, Canada) and won’t really be viable in the UK until after the transition to all-IP services.

< <https://www.ispreview.co.uk/index.php/2022/02/ofcom-crackdown-on-number-spoofing-to-tackle-uk-spam-calls.html> https://www.ispreview.co.uk/index.php/2022/02/ofcom-crackdown-on-number-spoofing-to-tackle-uk-spam-calls.html>

 

Protecting digital signatures: It’s about time

The use of “digital signatures” has exploded during the pandemic. Around the globe, people have changed how they travel, transact, and work. In the manufacturing sector, organizations have gravitated to hybrid work environments. In all of these cases, digital signatures are being used to protect digital interactions as well as digital assets, from documents to software code. ... Trusted digital identities are needed for a wide variety of applications ranging from authentication and data encryption to document and code signing. PKI digital certificates are used to create them. To establish proof of these signatures’ existence at an instant of time, the Internet Engineering Task Force (IETF) created the PKI Time-Stamp Protocol (TSP).

< <https://techaeris.com/2022/02/22/protecting-digital-signatures-its-about-time/> https://techaeris.com/2022/02/22/protecting-digital-signatures-its-about-time/>

 

The Dangers of Networking Terminology

... Hard terms or labels are best represented in our industry as set by industry standards orgs such as the Institute of Electrical and Electronics Engineers (IEEE) and the Internet Engineering Task Force (IETF). Examples include the Open Shortest Path First (OSPF) and Border Protocol (BGP), courtesy of the IETF. Likewise, Ethernet & Shortest Path Bridging (SPB) terminology from the IEEE. The IEEE standards are particularly rigid in their definition as they deal with very tightly controlled electrical and RF characteristics. You either comply with the standard, or you don’t.

< <https://www.extremenetworks.com/extreme-networks-blog/the-dangers-of-networking-terminology/> https://www.extremenetworks.com/extreme-networks-blog/the-dangers-of-networking-terminology/>

 

El Metaverso será posible gracias al IPv6 [The Metaverse will be possible thanks to IPv6]

... Para garantizar una transición transparente para los usuarios y que garantice un tiempo prudencial para que los fabricantes incorporen la nueva tecnología y los proveedores de Internet la implementen en sus propias redes, la organización encargada de la estandarización de los protocolos de Internet (IETF, Internet Engineering Task Force), diseñó junto con el mismo protocolo IPV6, una serie de mecanismos que se denominan de transición y coexistencia.

< <https://tynmagazine.com/el-metaverso-sera-posible-gracias-al-ipv6/> https://tynmagazine.com/el-metaverso-sera-posible-gracias-al-ipv6/>

 

IPv6“＋”速跑 | 网络向IPv6单栈演进，构建先进云网基础设施 [IPv6 "+" Speed Run | The network evolves to IPv6 single-stack to build an advanced cloud network infrastructure]

2016年，国际IETF最高领导层IAB发表声明称“希望IETF能够在新RFC标准中，停止要求新设备和新的扩展协议兼容IPv4，未来的新协议要全部在IPv6基础上进行设计和优化。”中央网信办最近发布的《关于加快推进互联网协议第六版（IPv6）规模部署和应用工作的通知》指出，“增强IPv6网络互联互通能力，积极推进IPv6单栈网络部署，是我国未来推进IPv6工作的重点任务之一。”2020年美国白宫管理和预算办公室发布指南，“要求美国各机构尽快完成向IPv6的过渡，确保到2025财年末，联邦网络上超过80%的IP资源是IPv6单栈。”

< <https://finance.sina.com.cn/tech/2022-02-25/doc-imcwipih5360864.shtml> https://finance.sina.com.cn/tech/2022-02-25/doc-imcwipih5360864.shtml>

 

Chrome 98 で TLS1.0/1.1 が完全無効化、適切な対策を [TLS 1.0/1.1 is completely disabled in Chrome 98, and appropriate measures are taken]

フィッシング対策協議会は2月22日、主要ブラウザのセキュリティ強化に対する施策について発表した。インターネット技術特別調査委員会（IETF）では2018年10月に、TLS1.0/1.1を非推奨にしたため、主要ブラウザは2020年に同プロトコルの無効化を発表しており、TLS1.2が有効になっていないWebサーバは主要ブラウザからの接続ができなくなるためWebサーバの設定変更、または最新プロトコルへの対応が可能なWebサーバのバージョンアップなどが必要となる。

< <https://scan.netsecurity.ne.jp/article/2022/02/28/47191.html> https://scan.netsecurity.ne.jp/article/2022/02/28/47191.html>

 

**********************

SECURITY & PRIVACY

**********************

Upholding a sustainable, resilient internet: what coalitions and solutions are needed?

The internet is a resilient network. During the pandemic, the internet’s underlying protocols and infrastructure were capable of handling skyrocketing demand and stress. However, in recent years, global internet has also been under growing threat from fragmentation. Competing visions for the future of the internet have led to an increased politicization of its technical architecture. At the international level, there is a widespread deficiency in trust and shared visions. And as a result, technical solutions for improving the internet’s resilience hold new weight, with higher stakes for prosperity, security and human rights around the world.

< <https://www.chathamhouse.org/events/all/research-event/upholding-sustainable-resilient-internet-what-coalitions-and-solutions> https://www.chathamhouse.org/events/all/research-event/upholding-sustainable-resilient-internet-what-coalitions-and-solutions>

 

Troy Hunt, the cybersecurity expert behind Have I Been Pwned, on the sector’s biggest myths and why we should be worried about IoT devices

Your passwords aren’t safe, the internet of things is ripe for abuse, and hackers don’t always wear hoodies – this is some of the wisdom shared by cyber security expert and creator of the Have I Been Pwned website, Troy Hunt at the ACS Reimagination Thought Leaders’ Summit 2022.

< <https://www.startupdaily.net/2022/02/troy-hunt-the-cybersecurity-expert-behind-have-i-been-pwned-on-the-sectors-biggest-myths-and-why-we-should-be-worried-about-iot-devices/> https://www.startupdaily.net/2022/02/troy-hunt-the-cybersecurity-expert-behind-have-i-been-pwned-on-the-sectors-biggest-myths-and-why-we-should-be-worried-about-iot-devices/>

 

Resurrection of injection attacks

The DNS provides a convenient platform for distributing resources in domains. A domain owner just needs to create a record with a new resource and anyone on the Internet can use DNS resolvers to look up the resources in any domain. DNS resolvers retrieve the resources transparently and this transparency has helped fast and smooth deployment of new technologies over the DNS. In this article we of Fraunhofer SIT and Goethe-Universität Frankfurt explain that, along with the huge benefits, the transparency of the DNS also introduces a gaping hole in Internet security. ... Although we initiated disclosure and are coordinating distribution of patches, we believe a systematic solution requires coordination within the IETF and vendors to amend the standard. Our research has already resulted in 10 registered CVEs and patches. It also suggests a need for follow-up engineering and standardization work within the IETF and the operational community.

< <https://blog.apnic.net/2022/02/22/resurrection-of-injection-attacks/> https://blog.apnic.net/2022/02/22/resurrection-of-injection-attacks/>

 

nl: Disaster recovery with DNSSEC

In 2021 we replaced our Hardware Security Modules (HSMs) that we use to sign .nl domain names with DNSSEC. During the changeover project we wanted to gain a better understanding of what to do in case of an emergency. So, we created some ‘what if’ scenarios. One of those scenarios was: what if we lost all the keys in the HSMs?

< <https://www.sidn.nl/en/news-and-blogs/disaster-recovery-with-dnssec> https://www.sidn.nl/en/news-and-blogs/disaster-recovery-with-dnssec>

 

Ukraine calls on hacker underground to defend against Russia

The government of Ukraine is asking for volunteers from the country's hacker underground to help protect critical infrastructure and conduct cyber spying missions against Russian troops, according two people involved in the project.

< <https://www.reuters.com/world/exclusive-ukraine-calls-hacker-underground-defend-against-russia-2022-02-24/> https://www.reuters.com/world/exclusive-ukraine-calls-hacker-underground-defend-against-russia-2022-02-24/>

 

In the wake of the Ukraine invasion, Russia’s cyberattacks could go global

Such attacks, if aggressive and widespread, could test the North Atlantic Treaty Organization, creating new questions about when a cyberattack would draw a member nation and its allies into conflict, Sen. Mark R. Warner, the chair of the Senate Intelligence Committee, said in an interview.

< <https://www.washingtonpost.com/technology/2022/02/24/russia-cyberattacks-global/> https://www.washingtonpost.com/technology/2022/02/24/russia-cyberattacks-global/>

 

7 Steps to Take Right Now to Prepare for Cyberattacks by Russia

US-led sanctions on Russia for its invasion of Ukraine earlier this week have sparked considerable concern about retaliatory and spillover cyberattacks from the region on US organizations and those based in other allied nations.

< <https://www.darkreading.com/threat-intelligence/7-steps-to-take-right-now-to-prepare-for-cyberattacks-by-russia> https://www.darkreading.com/threat-intelligence/7-steps-to-take-right-now-to-prepare-for-cyberattacks-by-russia>

 

Fears Rise of Potential Russian Cyberattacks on US, Allies Over Sanctions

Tension is mounting over the potential for Russia's cyberattacks in Ukraine to spread to organizations in the US and other countries that have imposed economic and other sanctions on Russia over its invasion of Ukraine this week.

< <https://www.darkreading.com/attacks-breaches/fears-rise-of-potential-russian-cyberattacks-on-us-allies-over-sanctions> https://www.darkreading.com/attacks-breaches/fears-rise-of-potential-russian-cyberattacks-on-us-allies-over-sanctions>

 

Geopolitical Tensions Increase Risk of DDoS Attacks Among Other Damaging Intrusions

With Ukraine moving beyond the brink of war with an official invasion by Russia underway, organizations both near and afar must brace for potential repercussions in the form of crippling cyberattacks and intrusions. Already Ukraine has been bombarded with DDoS assaults aimed at taking down government sites, communication providers, and financial institutions.

< <https://www.akamai.com/blog/security/increasing-ddos-attacks-geopolitical-tension> https://www.akamai.com/blog/security/increasing-ddos-attacks-geopolitical-tension>

 

Tackling Security Challenges in 5G Networks

The EU Agency for Cybersecurity (ENISA) proposes good practices for the secure deployment of Network Function Virtualisation (NFV) in 5G networks.

< <https://www.enisa.europa.eu/news/enisa-news/tackling-security-challenges-in-5g-networks> https://www.enisa.europa.eu/news/enisa-news/tackling-security-challenges-in-5g-networks>

 

**********************

INTERNET OF THINGS

**********************

MWC in Barcelona: eco Presents Study on the Smart City Market Boom

The future belongs to Smart Cities – this is what eco – Association of the Internet Industry will be showcasing at the Pavilion of North Rhine-Westphalia at the Mobile World Congress (MWC), which will take place in Barcelona from 28 February to 3 March. The study “The Smart City Market in Germany 2021-2026” was published in 2021 by the eco Association with the consultancy Arthur D. Little, supported by NetCologne, Cloudflare, Uber and the Vodafone Institute. As the study shows, the revenue volume of the German Smart City market is set to grow from 38.5 billion Euro in 2021 to 84.7 billion Euro in 2026. Digital technologies and services also enable high CO2 savings in cities and metropolitan areas. In this respect, they make a significant contribution to climate protection and are indispensable in leading to a carbon-neutral city.

< <https://international.eco.de/presse/mwc-in-barcelona-eco-presents-study-on-the-smart-city-market-boom/> https://international.eco.de/presse/mwc-in-barcelona-eco-presents-study-on-the-smart-city-market-boom/>

 

EU seeks to capture the value of the Internet of Things

Amazon, Microsoft, Google, IBM and other cloud-service providers will have to put in place safeguards to prevent non-EU governments' unlawful access to EU data, according to the European Commission's new data-sharing rules.

< <https://euobserver.com/democracy/154418> https://euobserver.com/democracy/154418>

 

**********************

NEW TRANSPORT PROTOCOLS

**********************

Huawei’s “New IP” Proposal – Frequently Asked Questions

Q1: What is the “New IP” proposal? Who is promoting it and supporting it?

< <https://www.internetsociety.org/resources/doc/2022/huaweis-new-ip-proposal-faq/> https://www.internetsociety.org/resources/doc/2022/huaweis-new-ip-proposal-faq/>

 

Why the MQTT Protocol is So Popular

This first installment in a four-part series on key industrial network technologies explains how an ultra lightweight data transfer protocol became a widely used data gathering tool for Internet of Things applications.

< <https://www.automationworld.com/factory/iiot/article/22080946/why-the-mqtt-protocol-is-so-popular> https://www.automationworld.com/factory/iiot/article/22080946/why-the-mqtt-protocol-is-so-popular>

 

**********************

OTHERWISE NOTEWORTHY

**********************

The election for the future of the internet

In September this year, UN member states will cast their votes for the next secretary-general of the ITU. While elections for bureaucratic positions in obscure, technical UN bodies normally pass unnoticed, the ITU has emerged as the major battleground in Russia and China’s fight for control of the internet. This election isn’t just a vote for the next secretary-general, it’s an election that will determine the future of cyberspace.

< <https://www.lowyinstitute.org/the-interpreter/election-future-internet> https://www.lowyinstitute.org/the-interpreter/election-future-internet>

 

Without standards, there is no metaverse

It takes more than a clever speech by Facebook or anyone else to create the metaverse. Before any of us can begin exploring it, someone — or more likely a combination of many someone’s — needs to begin building it. For that to happen globally and at real scale, we will need the right combination of devices, standards, and network technology — none of which are fully here yet.

< <https://venturebeat.com/2022/02/26/without-standards-there-is-no-metaverse/> https://venturebeat.com/2022/02/26/without-standards-there-is-no-metaverse/>

 

us: Girls Need More Moms as STEM Role Models

Men dominate computer science and a lot of other tech fields—which can discourage girls, as they do not see a lot of female role models. Here is some advice that I hope will inspire anybody.

< <https://spectrum.ieee.org/moms-in-stem-role-models> https://spectrum.ieee.org/moms-in-stem-role-models>

 

Fourth radio interface technology added to 5G standards

​​​​​​​​​​Members of the International Telecommunication Union (ITU) today approved a fourth technology as part of ongoing standards development for 5G mobile services.

< <https://www.itu.int/en/mediacentre/Pages/PR-2022-02-24-5G-Standards.aspx> https://www.itu.int/en/mediacentre/Pages/PR-2022-02-24-5G-Standards.aspx>

 

An inside look at mobile broadband standards development

ITU News caught up with Uwe Lowenstein, Counsellor for ITU-R Study Group 5 (Terrestrial Service), to learn more about standards development for international mobile telecommunications.

< <https://www.itu.int/hub/2022/02/mobile-broadband-standards-imt-5g/> https://www.itu.int/hub/2022/02/mobile-broadband-standards-imt-5g/>

 

New webinar series features leading minds in tech research

A new webinar series beginning on 16 March highlights the research breakthroughs reshaping our digital environment and transforming the way we experience business and daily life.

< <https://www.itu.int/hub/2022/02/new-webinar-series-network-technology-research/> https://www.itu.int/hub/2022/02/new-webinar-series-network-technology-research/>

 

Inclusive technology to communicate without barriers

Technology holds the potential to address some of today’s greatest life challenges. But it can’t facilitate effective education or boost the quality of everyday life without clear guiding principles. To ensure benefits extend to everyone, new and emerging digital solutions must be guided by the core principles of inclusion and equity.

< <https://www.itu.int/hub/2022/02/inclusive-technology-communicate-ai-innovation-talov/> https://www.itu.int/hub/2022/02/inclusive-technology-communicate-ai-innovation-talov/>

------

David Goldstein

email:  <mailto:david@goldsteinreport.com> david@goldsteinreport.com

web:  <http://goldsteinreport.com/> http://goldsteinreport.com/

Twitter:  <https://twitter.com/goldsteinreport> https://twitter.com/goldsteinreport

phone: +61 418 228 605 - mobile; +61 2 9663 3430 - office/home