[Newsclips] IETF SYN-ACK Newspack 2023-11-13

[David Goldstein <david@goldsteinreport.com>]

The IETF SYN-ACK Newspack collects IETF-related items from a variety of news outlets and other online publications. They do not represent the views of the IETF and are not checked for factual accuracy.

 

**********************

IETF IN THE NEWS

**********************

Has the EU’s discourse on internet standards generated real policy change?

Since 2019, the European Commission has launched a series of initiatives aimed at strengthening the EU’s role in setting the standards that govern the internet. Drawing on a new study, Clément Perarnaud and Julien Rossi examine whether this shift in approach has produced significant changes in the way the EU engages with the issue. ... Internet standards are usually produced within private organisations, such as the IETF, and more rarely within formal standard-developing organisations such as the ITU of the United Nations, in which states play a larger role. These forums are an integral part of internet governance through which state actors and large companies compete to define what the future of the internet will be.

< <https://blogs.lse.ac.uk/europpblog/2023/10/26/has-the-eus-discourse-on-internet-standards-generated-real-policy-change/> https://blogs.lse.ac.uk/europpblog/2023/10/26/has-the-eus-discourse-on-internet-standards-generated-real-policy-change/>

 

Nominations Open for 2023 Internet Society Board of Trustees

Are you (or someone you know) passionate about protecting the global, open Internet? And ensuring that it is available to everyone? Do you have leadership experience in business, government, philanthropy, and/or the nonprofit sector? If so, please consider submitting a nomination for a seat on the Internet Society Board of Trustees to help guide the future of the organization.

< <https://circleid.com/posts/20231106-nominations-open-for-2023-internet-society-board-of-trustees> https://circleid.com/posts/20231106-nominations-open-for-2023-internet-society-board-of-trustees>

 

Article 45 Will Roll Back Web Security by 12 Years

The EU is poised to pass a sweeping new regulation, eIDAS 2.0. Buried deep in the text is Article 45, which returns us to the dark ages of 2011, when certificate authorities (CAs) could collaborate with governments to spy on encrypted traffic—and get away with it. Article 45 forbids browsers from enforcing modern security requirements on certain CAs without the approval of an EU member government. Which CAs? Specifically the CAs that were appointed by the government, which in some cases will be owned or operated by that selfsame government. That means cryptographic keys under one government’s control could be used to intercept HTTPS communication throughout the EU and beyond. ... This upper bar on security may even ban browsers from enforcing Certificate Transparency, an IETF technical standard that ensures a CA’s issuing history can be examined by the public in order to detect malfeasance. Banning CT enforcement makes it much more likely for government spying to go undetected.

< <https://www.eff.org/deeplinks/2023/11/article-45-will-roll-back-web-security-12-years> https://www.eff.org/deeplinks/2023/11/article-45-will-roll-back-web-security-12-years>

 

Decentralized communication protocol Matrix shifts to less-permissive AGPL open source license

Element, the company and core developer behind the decentralized communication protocol known as Matrix, has announced a notable license change that will make the open source project just that little bit less appealing for companies looking to build on top of it. ... “It’s only a handful of projects which are shifting back to Element — and I’d argue that the Foundation is more important than ever now in order to safeguard the core protocol,” Hodgson said. “The Foundation acts as the standards body for Matrix, and just as W3C is critical for the web and IETF is critical for the internet, so is the Matrix Foundation critical for the success of Matrix.”

< <https://techcrunch.com/2023/11/06/decentralized-communication-protocol-matrix-shifts-to-less-permissive-agpl-open-source-license/> https://techcrunch.com/2023/11/06/decentralized-communication-protocol-matrix-shifts-to-less-permissive-agpl-open-source-license/>

 

The Real-Time Web is Here: Innovating with WebRTC

... With WebRTC, developers can easily add voice, video, messaging and file sharing to websites and apps. Leading browser vendors including Google, Microsoft, Mozilla and Apple have implemented support for WebRTC. Its components are being standardized by the W3C and IETF.

< <https://programminginsider.com/the-real-time-web-is-here-innovating-with-webrtc/> https://programminginsider.com/the-real-time-web-is-here-innovating-with-webrtc/>

 

Google wants Europe to classify iMessage as a gatekeeper that has to be interoperable

... Meanwhile, Google is preparing for this possibility and in July announced its support for an interoperable end-to-end encrypted communication standard: the IETF‘s Message Layer Security (MLS) specification RFC 9420. It plans to integrate the MLS protocol into Google Messages and Android.

< <https://9to5google.com/2023/11/07/google-imessage-europe/> https://9to5google.com/2023/11/07/google-imessage-europe/>

 

Kéž by duch IETF do českého e-governmentu ráčit vešel [If only the spirit of the IETF would enter the Czech e-government]

Pokud čtete tento článek, je to i díky lidem, kteří se na konci osmdesátých let sdružili v organizaci s názvem IETF. IETF nebo-li IETF je hlavní organizací pro vývoj standardů pro internet. Nejedná se o žádnou státem vedenou organizaci. V této organizaci nejsou žádní členové. Přihlásit se do ní může doslova každý. Kdokoliv na světě (pokud tedy není za nějakým ošklivým firewallem). Prostě klikne, že chce být na „mailing listu“ dané pracovní skupiny, nebo se přihlásí na jednání IETF (virtuálně nebo fyzicky). To je vše. Každý rok se tímto způsobem aktivně zapojí do pracovních skupin více než sedm tisíc lidí. Dobrovolně. Bez nároků na odměnu. S jediným cílem – aby internet lépe fungoval.

< <https://blog.nic.cz/2023/11/08/kez-by-duch-ietf-do-ceskeho-e-governmentu-racit-vesel/> https://blog.nic.cz/2023/11/08/kez-by-duch-ietf-do-ceskeho-e-governmentu-racit-vesel/>

 

Vom Netz genommen: IETF hört Bericht über Lage in Gaza und der Westbank [Remote from the Net: IETF listens to report on situation in Gaza and the West Bank]

Normalerweise kümmert sich die IETF um die Entwicklung von Protokollen. Beim laufenden Treffen in Prag gibt es dagegen gleich zwei Berichte aus Kriegsgebieten. Die Human Rights Protocol Considerations Forschungsgruppe bekam am Montag ein Update zur Situation der Netze im umkämpften Gazastreifen und im Plenum am Mittwoch berichtet die Global Network Operators Group über die weiter laufende Initiative KeepUkraineConnected.

< <https://www.heise.de/news/Digitale-Besatzung-IETF-hoert-Bericht-ueber-Lage-in-Gaza-und-der-Westbank-9355184.html> https://www.heise.de/news/Digitale-Besatzung-IETF-hoert-Bericht-ueber-Lage-in-Gaza-und-der-Westbank-9355184.html>

 

Studie zeigt den Anteil der EU an der Entwicklung von Internetstandards [Study shows the EU share of the development of Internet standards]

Haben die von der EU angestossenen Initiativen über Internetstandards zu echten Veränderungen geführt? Dieser Frage ist eine neue Studie im »Journal of European Public Policy« nachgegangen – das Politik-Blog EUROPP (European Politics and Policy) hat Teile davon veröffentlicht. Das Internet ist ein Netz unabhängiger Netzwerke, die dank gemeinsamer Standards und Protokolle wie dem Internet Protocol (IP) miteinander kommunizieren. Solche Standards wie das DNS werden in der Regel nicht von staatlichen Einrichtungen, sondern von privaten Organisationen wie der IETF oder der ICANN entwickelt.

< <https://domain-recht.de/internet-politik/sonstiges-internet-politik/internet-studie-zeigt-den-anteil-der-eu-an-der-entwicklung-von-internetstandards-69160.html> https://domain-recht.de/internet-politik/sonstiges-internet-politik/internet-studie-zeigt-den-anteil-der-eu-an-der-entwicklung-von-internetstandards-69160.html>

 

Vodafone: Internet-Fehlermeldungen besser erklären [Vodafone: explaining Internet error messages better]

... Den Dienst, mit dem die allge­meinen Fehler­mel­dungen um pass­genaue Infor­mationen ange­rei­chert werden können, hat Voda­fone bereits der Internet Engi­nee­ring Task Force (IETF) vorge­stellt, welche die Web-Stan­dards für die Internet-Indus­trie entwi­ckelt. Tech­nisch sollen beide Ansätze künftig als Open-Source-Lösung verfügbar gemacht werden, sodass jeder Browser-Entwickler diese Lösung über­nehmen kann.

< <https://www.teltarif.de/vodafone-internet-fehlermeldungen/news/93599.html> https://www.teltarif.de/vodafone-internet-fehlermeldungen/news/93599.html>

 

Investigadores de la UOC vuelven a figurar entre los más citados del mundo en trabajos científicos [UOC researchers are again among the most cited in the world in scientific work]

... En este sentido, hay que destacar que el catedrático es autor de estándares de internet: entre los años 2018 y 2022, el IETF, órgano abierto de estandarización, publicó varios documentos impulsados por el investigador para estandarizar aspectos de control de las redes inalámbricas de bajo consumo energético.

< <https://www.uoc.edu/portal/es/news/actualitat/2023/267-ranquin-stanford-2022.html> https://www.uoc.edu/portal/es/news/actualitat/2023/267-ranquin-stanford-2022.html>

 

A sötét középkorba viszi vissza a webes biztonságot az eIDAS 2.0 [eIDAS 2.0 takes web security back to the Dark Ages]

... Sőt: a böngészők így nem tudnák betartani az IETF egy fontos műszaki szabványát, a Certificate Transparencyt sem, amely biztosítja, hogy a hitelesítésszolgáltatók kibocsátási előzményeit a nyilvánosság megvizsgálhassa a visszaélések észlelése érdekében. Emiatt szintén nő annak a valószínűsége, hogy a kormányzati kémkedés észrevétlen marad.

< <https://bitport.hu/a-sotet-kozepkorba-viszi-vissza-a-webes-biztonsagot-az-eidas-2-0> https://bitport.hu/a-sotet-kozepkorba-viszi-vissza-a-webes-biztonsagot-az-eidas-2-0>

 

La réglementation européenne eIDAS 2.0, dont l'article 45 est enfoui dans le texte, fera reculer la sécurité du web de 12 ans [The European eIDAS 2.0 regulation, Article 45 of which is buried in the text, will reduce the security of the web by 12 years]

... Cette barre supérieure de sécurité peut même interdire aux navigateurs d'appliquer la transparence des certificats, une norme technique de l'IETF qui garantit que l'historique d'émission d'une autorité de certification peut être examiné par le public afin de détecter les malversations. En interdisant l'application de la transparence des certificats, il est beaucoup plus probable que l'espionnage gouvernemental ne soit pas détecté.

< <https://securite.developpez.com/actu/350386/La-reglementation-europeenne-eIDAS-2-0-dont-l-article-45-est-enfoui-dans-le-texte-fera-reculer-la-securite-du-web-de-12-ans-ce-qui-nous-ramene-a-l-age-des-tenebres-de-2011-d-apres-l-EFF/> https://securite.developpez.com/actu/350386/La-reglementation-europeenne-eIDAS-2-0-dont-l-article-45-est-enfoui-dans-le-texte-fera-reculer-la-securite-du-web-de-12-ans-ce-qui-nous-ramene-a-l-age-des-tenebres-de-2011-d-apres-l-EFF/>

 

Qué es ECH y cómo evita que tu operador pueda bloquearte el acceso a webs [What ECH is and how it prevents your operator from blocking your access to websites]

... Los principales navegadores de Internet como Mozilla y Google Chrome, algunos gigantes de CDN como Cloudflare, e incluso la organización de la IETF, han estado desarrollando durante varios años esta extensión de TLS para tener una conexión cifrada punto a punto desde el primer «hola».

< <https://www.redeszone.net/tutoriales/seguridad/que-es-ech-caracteristicas-activacion/> https://www.redeszone.net/tutoriales/seguridad/que-es-ech-caracteristicas-activacion/>

 

Google chiede all'UE di rendere iMessage interoperabile

... Google, anticipando una possibile decisione favorevole, ha già annunciato il suo supporto per uno standard di comunicazione crittografato end-to-end interoperabile, la specifica RFC 9420 MLS (Message Layer Security) della IETF. L’azienda prevede di integrare questo protocollo in Google Messaggi e Android, facilitando una comunicazione avanzata tra dispositivi Android e iPhone, che attualmente avviene tramite SMS.

< <https://www.melablog.it/google-chiede-allue-di-rendere-imessage-interoperabile/> https://www.melablog.it/google-chiede-allue-di-rendere-imessage-interoperabile/>

< <https://www.msn.com/it-it/money/storie-principali/google-chiede-allue-di-rendere-imessage-interoperabile/ar-AA1jBKEO> https://www.msn.com/it-it/money/storie-principali/google-chiede-allue-di-rendere-imessage-interoperabile/ar-AA1jBKEO>

 

第三届IPv6下一代互联网技术创新与国际标准研讨会在京成功召开 [The 3rd IPv6 Next Generation Internet Technology Innovation and International Standards Symposium was successfully held in Beijing]

10月26日，为推进IPv6技术创新及国际标准研究，促进IPv6规模部署和应用，第三届IPv6下一代互联网技术创新与国际标准研讨会在京成功举行。此次会议由中国通信标准化协会、中关村实验室联合主办，中国互联网协会和华为技术有限公司联合承办。线上线下共计150余位专家出席，围绕IPv6下一代互联网创新技术和IETF标准制定工作进行了分享与交流。

< <https://www.edu.cn/xxh/focus/xs_hui_yi/202311/t20231106_2528219.shtml> https://www.edu.cn/xxh/focus/xs_hui_yi/202311/t20231106_2528219.shtml>

 

李星：从互联网的发展看人工智能的治理与创新 [Li Xing: From the perspective of the development of the Internet, we can see the governance and innovation of artificial intelligence]

... IETF——解决真实问题 聚焦关键问题:互联网是怎么治理的？其治理体系基本可以总结为以下几个方面：一是域名，二是IP地址，三是协议。互联网的技术治理可以追溯到1968年，后来逐步产生了关键技术并形成了相关组织。互联网工程任务组（IETF）成立于1986年，其主要任务是进行技术治理，以确保互联网的互操作性。正如著名资深科学研究员Dave Clark曾经强调的那样：“我们拒绝国王，拒绝总统，拒绝选举，我们相信的是大概一致和可以运行的程序。”

< <https://www.edu.cn/xxh/zhuan_jia_zhuan_lan/lx/202311/t20231110_2531227.shtml> https://www.edu.cn/xxh/zhuan_jia_zhuan_lan/lx/202311/t20231110_2531227.shtml>

 

算力网络在数字经济的发展中如何发生作用？乌镇峰会这场论坛上这样说 [How does the computing network play a role in the development of the digital economy?]

... GSMA CEO洪曜庄 图据世界互联网大会乌镇峰会: “在算力网络技术的创新引领方面，中国移动三年来做了很多积极的工作，布局了十个方向，30多项关键的技术，在国内外标准组织牵头立项100余个标准，在国际互联网工程任务组IETF成立算力路由工作组，中国移动承担了标准工作组的主席，这是一个非常重要的研究，有望成为对IP协议会带来变革性的升级。”中国移动副总经理高同庆表示。

< <https://news.youth.cn/gn/202311/t20231110_14901199.htm> https://news.youth.cn/gn/202311/t20231110_14901199.htm>

 

**********************

IETF COMMUNITY NOTES

**********************

Cisco to host IETF 121 Dublin meeting

I am pleased to announce that Cisco will be the Host for IETF 121 Dublin, 2-8 November 2024.

< <https://www.ietf.org/blog/ietf121-host/> https://www.ietf.org/blog/ietf121-host/>

 

Suggested IETF 118 Sessions for Getting Familiar with New Topics

These IETF 118 meeting sessions are likely to include discussions and proposals that are accessible to a broad range of Internet technologists whether they are new to the IETF or long-time participants.

< <https://www.ietf.org/blog/ietf118-new-topics/> https://www.ietf.org/blog/ietf118-new-topics/>

 

Countries Listed in IETF Systems

The IETF Administration LLC and Secretariat regularly receive questions and requests from the IETF community about the countries that are listed in IETF systems, in particular the list in the meeting registration system. Recent communications include a request for a new country to be added to this list and a recommendation that this list should be titled ‘Country or Region’. This post explains how this list is chosen and why we will not be acting on these requests.

< <https://www.ietf.org/blog/countries-listed-in-ietf-systems/> https://www.ietf.org/blog/countries-listed-in-ietf-systems/>

 

**********************

SECURITY & PRIVACY

**********************

New NATO cyber forum to support collective response to cyberattacks

A new NATO cyber forum aims to increase cooperation between NATO members as well as with the private sector to ramp up the Western military alliance’s response to future cyber threats.

< <https://www.euractiv.com/section/cybersecurity/news/nato-defence-can-be-sparked-by-digital-strikes-stoltenberg-tells-berlin-summit/> https://www.euractiv.com/section/cybersecurity/news/nato-defence-can-be-sparked-by-digital-strikes-stoltenberg-tells-berlin-summit/>

 

A new world of security: Microsoft’s Secure Future Initiative

The past year has brought to the world an almost unparalleled and diverse array of technological change. Advances in artificial intelligence are accelerating innovation and reshaping the way societies interact and operate. At the same time, cybercriminals and nation-state attackers have unleashed opposing initiatives and innovations that threaten security and stability in communities and countries around the world.

< <https://blogs.microsoft.com/on-the-issues/2023/11/02/secure-future-initiative-sfi-cybersecurity-cyberattacks/> https://blogs.microsoft.com/on-the-issues/2023/11/02/secure-future-initiative-sfi-cybersecurity-cyberattacks/>

 

'Shields Ready' Critical Infrastructure Initiative Addresses Inevitable Cyberattacks

The US government has issued a series of prescriptions for preparing critical infrastructure operators for disasters, physical attacks, and cyberattacks, with an emphasis on the ability to recover from disruptions in the future.

< <https://www.darkreading.com/ics-ot/shields-ready-initiative-inevitable-cyberattacks> https://www.darkreading.com/ics-ot/shields-ready-initiative-inevitable-cyberattacks>

 

Article 45 Will Roll Back Web Security by 12 Years

The EU is poised to pass a sweeping new regulation, eIDAS 2.0. Buried deep in the text is Article 45, which returns us to the dark ages of 2011, when certificate authorities (CAs) could collaborate with governments to spy on encrypted traffic—and get away with it.

< <https://www.eff.org/deeplinks/2023/11/article-45-will-roll-back-web-security-12-years> https://www.eff.org/deeplinks/2023/11/article-45-will-roll-back-web-security-12-years>

 

Smart Cities and Cybersecurity: Protecting Citizens from Malicious Attacks

Smart cities and cybersecurity are inseparable. When you start integrating the Internet of Things (IoT) with infrastructure, a city cyber attack is, unfortunately, inevitable. But that doesn't mean it has to be successful.

< <https://www.govtech.com/sponsored/smart-cities-and-cybersecurity-protecting-citizens-from-malicious-attacks> https://www.govtech.com/sponsored/smart-cities-and-cybersecurity-protecting-citizens-from-malicious-attacks>

 

New MANRS Steering Committee Members Elected

The MANRS Steering Committee election closed at 23.59 UTC on 3 November 2023, and the result has now been confirmed by Election Chair Jeremy Harrison (APNIC). Three candidates have been elected to the MANRS Steering Committee: Nick Hilliard — INEX; Arturo Servin — Google & Nicolas Fiumarelli Santana — LACNIC

< <https://www.manrs.org/2023/11/new-manrs-steering-committee-members-elected/> https://www.manrs.org/2023/11/new-manrs-steering-committee-members-elected/>

 

**********************

INTERNET OF THINGS

**********************

Internet of Things: tech firms have become our digital landlords – but people are starting to fight back

>From smart toasters to fitness collars for dogs, we live in a world where everything around us is gradually being connected to the internet and fitted with sensors so that we can interact with them online.

< <https://theconversation.com/internet-of-things-tech-firms-have-become-our-digital-landlords-but-people-are-starting-to-fight-back-193181> https://theconversation.com/internet-of-things-tech-firms-have-become-our-digital-landlords-but-people-are-starting-to-fight-back-193181>

 

**********************

QUANTUM NETWORKING

**********************

Microsoft and Photonic collaborate to develop quantum networking solutions

Microsoft is collaborating with quantum technology firm Photonic to empower the quantum computing ecosystem. Photonic will combine its spin-photon architecture with the Microsoft Azure infrastructure with the aim of delivering new technologies that enable reliable quantum communications over long distances.

< <https://www.technologyrecord.com/article/microsoft-and-photonic-collaborate-to-develop-quantum-networking-solutions> https://www.technologyrecord.com/article/microsoft-and-photonic-collaborate-to-develop-quantum-networking-solutions>

 

Microsoft and Photonic join forces on the path to quantum at scale by Dennis Tom, General Manager of Azure Quantum

We are excited to announce a strategic co-innovation collaboration with Photonic Inc., a company focused on building scalable, fault tolerant, and distributed quantum technologies. Our shared mission is to unlock the next stages in quantum networking and empower the quantum computing ecosystem with new capabilities enabled by our unique and complementary approaches to scalable quantum infrastructure.

< <https://cloudblogs.microsoft.com/quantum/2023/11/08/microsoft-and-photonic-join-forces-on-the-path-to-quantum-at-scale/> https://cloudblogs.microsoft.com/quantum/2023/11/08/microsoft-and-photonic-join-forces-on-the-path-to-quantum-at-scale/>

 

**********************

OTHERWISE NOTEWORTHY

**********************

The Challenges of RPKI-ROA Diffusion in Research and Education

The ARIN 52 Public Policy and Members Meeting, held 19-20 October 2023 in San Diego, California, and online, began with an insightful keynote address titled “The Challenges of RPKI-ROA Diffusion Within the U.S. Research and Education Community.” Delivered by Internet2 ’s Director of Routing Integrity, Steve Wallace, this presentation shed light on the complexities surrounding Resource Public Key Infrastructure (RPKI) adoption in Internet2’s community of higher education, research institutions, government entities, corporations, and cultural organizations. Read on for a recap of this keynote and the critical issues, barriers, and potential solutions discussed.

< <https://www.arin.net/blog/2023/11/09/arin-52-keynote-recap/> https://www.arin.net/blog/2023/11/09/arin-52-keynote-recap/>

 

How we measure: RPKI ROA signing and Route Origination Validation

At APNIC Labs we publish several measurements of the deployment of various technologies that are being adopted on the Internet. In this post, I’ll explain how we measure the adoption of the signing of Route Origination Attestations (ROAs) as part of the framework for securing inter-domain routing on the Internet using the digital credential framework provided by the Resource Public Key Infrastructure (RPKI).

< <https://www.potaroo.net/ispcol/2023-11/measure-roas.html> https://www.potaroo.net/ispcol/2023-11/measure-roas.html>

< <https://blog.apnic.net/2023/11/09/how-we-measure-rpki-roa-signing-and-route-origination-validation/> https://blog.apnic.net/2023/11/09/how-we-measure-rpki-roa-signing-and-route-origination-validation/>

 

[Podcast] Negative caching of DNS resolution failures

In this episode of PING, Verisign fellow Duane Wessels discusses a late state (version 08) Internet draft he’s working on with two colleagues from Verisign. The draft is on Negative Caching of DNS Resolution Failures and is co-authored by Duane, William Carroll, and Matt Thomas

< <https://blog.apnic.net/2023/11/09/podcast-negative-caching-of-dns-resolution-failures/> https://blog.apnic.net/2023/11/09/podcast-negative-caching-of-dns-resolution-failures/>

------

David Goldstein

email:  <mailto:david@goldsteinreport.com> david@goldsteinreport.com

web:  <http://goldsteinreport.com/> http://goldsteinreport.com/

Twitter:  <https://twitter.com/goldsteinreport> https://twitter.com/goldsteinreport

phone: +61 418 228 605 - mobile; +61 2 9663 3430 - office/home