Categories
Open Internet Standards Technology

Re-live the IETF 89 Panel on "Evolution of End-to-End!"

Were you at IETF 89 in London? Did you attend the Tuesday, 4 March lunch panel on “Evolution of end-to-end: why the Internet is not like any other network?” What did you think?

Moderated by Leslie Daigle (Internet Society) and featuring panelists Fred Baker, Harald Alvestrand, and Andrew Sullivan, the session featured lively discussion on how we got here and what the end-to-end principle means to today’s Internet – and its future. From the session abstract:

“In 2004, the IAB published RFC3724, “Future of End-to-End.” The document reviews the important aspects of “smart endpoints, dumb network,” and articulates some perspectives on how Internet engineering was evolving to address those key aspects. Ten years later, evolution has continued — and the Internet’s deployment and evolution are taking new directions in the face of growing awareness of the threat of pervasive monitoring of network traffic. How do we define the end-to-end principle today and is it still an important piece of ensuring a robust, reliable and trusted Internet in 2020?

Each of three panelists will present their predictions for the state of one of the three facets (network, endpoints, infrastructure/middle) in 2020, followed by questions and interactive discussion.”

If you missed it, good news! You can see the archived video here on YouTube:

You can also view all the presenters’ slides here on SlideShare:

Categories
Open Internet Standards Technology

Today! Evolution of end-to-end: why the Internet is not like any other network – ISOC Briefing Panel at IETF 89

Today at IETF 89 in London, we’re holding our traditional Internet Society Briefing Panel where we discuss a topic that is relevant to IETF attendees but somewhat beyond the normal realm of discussion in the standards-setting process. This time, the topic is “Evolution of end-to-end: why the Internet is not like any other network.”

The session required pre-registration, which is full, but the good news is we’ll be livestreaming the hour-long event here.

Date: Tuesday, 4 March 2014
Time: 11:45 am-12:45 pm UTC

Join moderator Leslie Daigle (Internet Society) and panelists Fred Baker, Harald Alvestrand, and Andrew Sullivan. From the session abstract:

“In 2004, the IAB published RFC3724, “Future of End-to-End.”  The document reviews the important aspects of “smart endpoints, dumb network,” and articulates some perspectives on how Internet engineering was evolving to address those key aspects. Ten years later, evolution has continued — and the Internet’s deployment and evolution are taking new directions in the face of growing awareness of the threat of pervasive monitoring of network traffic. How do we define the end-to-end principle today and is it still an important piece of ensuring a robust, reliable and trusted Internet in 2020?
 
Each of three panelists will present their predictions for the state of one of the three facets (network, endpoints, infrastructure/middle) in 2020, followed by questions and interactive discussion.”

We’ll be live tweeting the session via our @ISOCtech Twitter handle, so be sure to join us in person in London, tune into the webcast, or follow along on Twitter for what is sure to be a lively and engaging discussion.

Categories
Human Rights

Internet Society Fellows to IETF 89 — increasing the diversity of voices working on Internet standards development

In 2006, the Internet Society introduced the Fellows to the Internet Engineering Task Force (IETF) programme to increase the diversity of voices  and contributions to the standards development process.  Since then, the Internet Society Fellows to IETF programme has brought more than 175 technologists from 45+ countries to IETF meetings.

These competitive fellowships foster participation of technologists from developing and emerging economies to IETF meetings and working groups.  Typically attracting more than 10 applicants per available award, selected Fellows must also demonstrate how they will apply their learning back to their regions and local communities.

We applaud the ten Fellows selected for the IETF 89 meeting in London for their interest in contributing to Internet standards and the important work of the IETF.

Here is more about their experiences and interests:

Returning fellow Palanivelan Appanasamy currently works with Verizon R&D Labs as Distinguished MTS in India. IETF 89 will be his fourth IETF. He has extensive experience in Telecom and Networking, having previously worked with EMC, Cisco, Juniper, LucentTech and Motorola. His IETF contributions and interests are in the routing, security and transport areas.

First-time fellow Antonio Araujo is from Mérida, Venezuela. He is a systems engineer and works as a software developer at CENDITEL, a Venezuelan National Development and Research Center for free and open technologies. Antonio is working on a Masters in Computer Science at the Universidad de Los Andes in Mérida, Venezuela. He is particularly interested in helping IETF Working Groups (WGs) such as wpkops, tls and oauth.

Nabil Benamar is from Morocco and is involved with the work of some WGs and also non-WGs, namely the ITS (Intelligent Transport Systems) group.  Nabil, a first-time fellow, is a professor of computer networks at the Moulay Ismail University in Meknes, Morocco. His main research topics are DTN, VANET, VDTN, IoT and IPv6. His blog, nabilbenamar.com, acts as a hub for publication of his articles and projects, as well as debates with readers around the world and especially in the Arab region.

As an electronic engineer, Diego Dujovne has worked as a consultant for five years on telecom development and industrial instrumentation in Argentina. He then moved to INRIA Sophia Antipolis, where he developed an experimental methodology for wireless networks that led him to obtain a PhD in Informatics. He is currently a researcher and professor at Universidad Diego Portales, Santiago, Chile. Diego’s main research and development topic is the Internet of Things, where he has been working since 1999. In 2013, Diego started to collaborate with the 6TiSCH WG, where he is currently editor of a draft. This is his second IETF.

Ana Hernandez graduated from the Universidad de Los Andes, Merida – Venezuela and is a Systems Engineer. A first-time fellow, she is working as a Consultant and Auditor of technological systems, infrastructure and IT operations at Deloitte. Her principal area of interest is Security Automation and Continuous Monitoring.

Sakaio Manoa, originally from Tuvalu, is a returning fellow and is currently studying at the Swinburne University of Technology in Melbourne, Australia for a Masters in Network System specializing in Security. His area of interest is the implementation of IPv6 for which he has been following IETF and the Deploy IPv6 for guidance and direction. 

Fabian Mejia is an Electronics and Telecommunications engineer from Escuela Politecnica Nacional (EPN) in Quito, Ecuador. He works for the association of Ecuadorian ISPs, AEPROVI, where he manages the national IXP, NAP.EC. He is a founding member of the IPv6 Task Force Ecuador (www.ipv6tf.ec) and leads its activities. Fabian was also elected chair of LACNIC’s Regional Interconnection Forum.  His particular areas of interest are BGP routing and IPv6. 

Carlos Paparoni is currently a Systems Engineering student, with a specialization in Computer Systems, at the Universidad de Los Andes in Merida, Venezuela, where he is working on his undergraduate thesis. His background involves web design and server-side and client-side programming. His interests include the JSON, Web Security and IPv6 Working Groups.

Leaf Yeh is a first-time Fellow, but has attended the IETF on five occasions. He is interested in 6man, though his previous contributions to the IETF focused on the DHC, Softwires and Radext WGs. Leaf is the author of RFC7037, and has worked for China Telecom Research Institute, Conexant Systems, Inc., ZTE Corp. and Huawei Technologies.

Dessalegn Yehuala is a returning fellow, and works for the Computer Science department of Ethiopia’s Addis Ababa University as Lecturer/Researcher. His research interests include Information Centric Networks, DTN (Delay Tolerant Networks), Multipath TCP and AQM. He subscribes to four IETF working groups (ICNRG, ICCRG, multipathtcp and AQM).

Congratulations to all of our IETF 89 Fellows. 

 

Categories
Building Trust Identity Open Internet Standards Privacy Technology

Rough Guide To IETF 89: Trust, Identity, and Privacy

Trust, identity, and privacy continue to be active areas of interest for the Internet Society. With all the recent concerns about security and privacy on the Internet, the IETF has focused on numerous activities addressing these topics. To that end, there are several interesting topics being discussed at IETF 89 in London next week.

For the first time, a tutorial on Engineering Privacy into Internet Protocols will be offered to all IETF attendees on Sunday, 2 March. This tutorial comes out of the IAB Privacy program and is based on RFC 6973, Privacy Considerations for Internet Protocols.

The web PKI certificate infrastructure continues to be a source of trust-related operational issues in the Internet. Work to improve this infrastructure is being accelerated by the establishment of a new working group, trans (Public Notary Transparency). The first task of this working group will be to generate a standards track version of the experimental RFC 6962 on Certificate Transparency. Additionally, the wpkops (web PKI OPS) WG continues to work to document current Web PKI operations with an eye toward suggested improvements in those operations.

On the identity front, the abfab (Application Bridging for Federated Access Beyond the web) Working Group is wrapping up its initial work on a federated identity mechanism for use by Internet protocols other than HTML/HTTP. Next week they will focus on remaining open issues and possible work items to re-charter the working group. The scim (System for Cross-domain Identity Management) WG continues to make progress on managing user identities and identity-related objects across administrative domains. The oauth (Web Authorization Protocol) WG is quite active with work on assertions, dynamic registration, and JSON web tokens. There will also be discussions on security directions for oauth in that session. The jose (JavaScript Object Signing and Encryption) WG has just completed a Working Group Last Call on its suite of documents and the expectation is that these documents will soon be sent forward to the IESG. And, in case your plate isn’t full enough, there is a BoF on authentication and authorization in constrained environments (ace).

Finally, as a continuing technical response to last year’s series of pervasive surveillance revelations, the IETF is focused on several efforts to strengthen the Internet. This begins prior to the IETF with the IAB/W3C STRINT workshop mentioned in an earlier IETF 89 Rough Guide blog post. It continues into the IETF week with discussions on improving privacy through the use of TLS in various Internet application protocols in the newly formed uta (Using TLS in Applications) WG. Additionally, the IRTF Crypto Forum Research Group has renewed interest and activity as a result of the IETF desire to strengthen its use of cryptography.

All in all it will be an action-packed week for those interested in trust, identity, and privacy at IETF 89.

Related Meetings, Working Groups, and BoFs at IETF 89:

  • Tutorial: Engineering Privacy into Internet Protocols
    (Sunday, 2 March 2014; 1500-1630)

To follow along as we dole out this series of Rough Guide to IETF blog posts, follow us on the Internet Technology Matters blog, Twitter, Facebook, Google+, via RSS, or see http://dev.internetsociety.org/rough-guide-ietf89.

Categories
IPv6

Rough Guide to IETF 89: All About IPv6

The Internet relies on a single addressing framework to have global reach and integrity. IPv4 address space is insufficient, and the IETF developed IPv6 as its successor many years ago. IPv6 remains an important topic for us at the Internet Society. We were thrilled to see that Google’s IPv6 traffic recently passed the 3% mark and that the deployment rate seems to be accelerating, but there’s still a lot of work to be done. To that end, there are several interesting IPv6-related topics being discussed at IETF 89 in London next week.

While the standard for IPv6 has long since been finished, there are ongoing discussions in the IETF of maintenance issues in the protocols, IPv6 operational issues and management, and possible uses in home networks and very large-scale networks (of small-scale devices). Many of these discussions will happen next week in London.

I call attention first to the discussion in the 6man Working Group of efficient neighbor discovery and of issues around the interface identifier part of the IPv6 address. There has been some ongoing work identifying issues with embedding hardware addresses in the interface identifier part of the IPv6 address. The Internet-Draft ietf-6man-address-generation-privacy identifies how such identifiers can be used for correlating network activity, tracking location, address scanning, and identifying specific device types in order to exploit known vulnerabilities. This draft will be discussed, along with another Internet-Draft (ietf-6man-default-iids) that offers an alternate proposal for stable interface addresses.
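To make the privacy concern concrete, the following added example (not part of the original post) recovers the hardware address from a modified EUI-64 interface identifier and shows how the same device is linked across two networks. All addresses and the MAC are constructed, using the documentation prefix 2001:db8::/32; the function names are hypothetical.

```python
import ipaddress

def eui64_mac(addr):
    """Return the MAC address embedded in a modified EUI-64 interface
    identifier, or None if the low 64 bits do not have that layout."""
    iid = ipaddress.IPv6Address(addr).packed[8:]   # low 64 bits = interface identifier
    # Modified EUI-64 inserts ff:fe between the two halves of the 48-bit MAC.
    # Heuristic: a random identifier matches by chance about once in 65536.
    if iid[3:5] != b"\xff\xfe":
        return None
    # The universal/local bit (0x02 of the first octet) is inverted in the identifier.
    mac = bytes([iid[0] ^ 0x02]) + iid[1:3] + iid[5:8]
    return ":".join(f"{b:02x}" for b in mac)

def correlate(addresses):
    """Group observed addresses by embedded MAC. One MAC appearing under
    several /64 prefixes is the same interface seen on different networks."""
    seen = {}
    for a in addresses:
        mac = eui64_mac(a)
        if mac is None:
            continue   # randomized or otherwise opaque identifier: nothing to link
        prefix = ipaddress.IPv6Network(f"{a}/64", strict=False)
        seen.setdefault(mac, set()).add(str(prefix))
    return {mac: sorted(prefixes) for mac, prefixes in seen.items()}

def audit(addresses):
    """Defender's view: which configured addresses expose the hardware address
    (and with it the vendor OUI, the first three octets of the MAC)?"""
    return [(a, eui64_mac(a)[:8]) for a in addresses if eui64_mac(a)]

# Constructed sample: one laptop seen at two sites, plus one address whose
# identifier was generated randomly.
SAMPLE = [
    "2001:db8:1:1:211:22ff:fe33:4455",   # site A, identifier derived from MAC
    "2001:db8:2:2:211:22ff:fe33:4455",   # site B, same identifier, new prefix
    "2001:db8:1:1:a1b2:c3d4:e5f6:789a",  # random identifier, reveals nothing
]

if __name__ == "__main__":
    for mac, prefixes in correlate(SAMPLE).items():
        print(f"{mac} seen on {', '.join(prefixes)}")
    for addr, oui in audit(SAMPLE):
        print(f"{addr} leaks vendor prefix {oui}")
```

Running `audit` over the addresses configured on your own hosts shows which interfaces still use hardware-derived identifiers.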

Efficient neighbor discovery is very important, particularly in mobile environments with power-sensitive hosts. A number of drafts have been presented describing the problem. These will be discussed and the WG will determine what (if anything) should be done to improve the situation.

The v6ops Working Group discusses operational issues with IPv6 deployment. This time there will be some discussion of the problematic interaction between address configuration using DHCPv6 and SLAAC. The problem mainly occurs because of a lack of specificity in the standards about the normativeness of a set of flags used in neighbor discovery. The WG has a problem statement Internet-Draft (ietf-v6ops-dhcpv6-slaac-problem) that will be discussed and at least one draft that the WG has not yet adopted that intends to provide guidance to minimize the operational impact of this issue.

The main standards-making activity of IPv6 may be done, but the level of energy and effort in the IETF around IPv6 operation continues to grow, reflecting the reality of its increasing use on the global Internet and the importance of IPv6 to the Internet’s continued growth and evolution.

Related Working Groups at IETF 89:


Categories
Open Internet Standards Technology

Rough Guide to IETF 89: Internet Scalability and Performance

In this post I’ll shine a light on some of the Internet Engineering Task Force (IETF) and Internet Research Task Force (IRTF) efforts underway to explore and address more sophisticated ways to use available bandwidth, improve Internet performance, and otherwise efficiently get content to where it needs to be. These groups will all be meeting as part of the IETF 89 meeting in London, England, next week.

There are two birds-of-a-feather (BoF) meetings worth highlighting. The Tunneling Compressed Multiplexed Traffic Flows (TCMTF) BoF is looking to update existing work on optimising real-time packet flows for bandwidth savings. One of the proponents of this work, Jose Saldana, wrote about the group’s motivations and goals in the IETF Journal recently: http://dev.internetsociety.org/articles/shooting-around-corner-problem-real-time-services

The other BoF meeting of interest is Transport Services (TAPS). This meeting will feature a more architectural discussion about the services a transport API is required to provide based on the kinds of things application developers are now using UDP and TCP for. The group will then analyse how these required transport services could be implemented using existing protocols, and how to validate that a specific transport service can be supported on a given path.

TCP is currently the Internet’s predominant transport protocol and the TCPM Working Group handles small TCP changes and minor extensions to TCP algorithms and protocol mechanisms. In addition to continuing its work on TCP modifications that could significantly improve Internet performance as perceived by the average end user, the TCPM meeting in London will include a ‘mini-BoF’ on TCPcrypt. This is responsive to the threat of pervasive surveillance and, while TCPcrypt has been around for some time and faces substantial deployment challenges, the newly exposed threat model has given rise to renewed interest in exploring the potential for TCPcrypt deployment.

The Active Queue Management (AQM) Working Group is continuing its work to develop algorithms for proactively managing queues (or buffers) in networking equipment in order to:

  • help flow sources control their sending rates before the onset of necessary losses;
  • help minimize delays for interactive applications; and
  • help protect flows from negative impacts of other more aggressive or misbehaving flows.

Once deployed, AQM and packet scheduling algorithms can have a huge impact on the responsiveness, resilience, and usability of the Internet for diverse applications.

The Internet is a shared medium for communication, which requires all end systems to abide by certain rules to prevent ‘congestion collapse’ of the network. The Internet Congestion Control Research Group (ICCRG) is the IRTF home for work on congestion control. The upcoming meeting (and the AQM working group meeting mentioned above) will include presentation and discussion of the variant of the PIE algorithm adopted by CableLabs for implementation in DOCSIS 3.1 cable modems.

The Large-Scale Measurement of Broadband Performance (LMAP) and IP Performance Metrics (IPPM) Working Groups will continue their work to define metrics and a measurement system to inform the public policy debate, and educate end users about the performance of ISP offerings in their marketplace by providing standardized metrics and a framework for measuring network performance.

Related Working Groups and BoFs at IETF 89:


Categories
Improving Technical Security Open Internet Standards Technology

Rough Guide to IETF 89: Routing Resilience

Security and resilience are important aspects of IETF work and there are many Working Groups (WGs) that contribute to the Internet routing infrastructure, including:

Several of these WGs – SIDR, GROW, and IDR – are meeting next week at IETF 89 in London.

The SIDR WG is focusing on securing inter-domain routing. The overall architecture is based on a Resource PKI (RPKI), which adds an authentication framework to BGP and is an important component of BGP security extensions – BGPSEC, also developed in the SIDR WG. This is a key technology for improving trust in the routing infrastructure.

Interestingly enough, it seems the focus of the mailing list discussions and the agenda of the group meeting in London is back on RPKI. This, in my opinion, is a good sign of increased interest and practical issues related to the deployment of this technology.

One of the main themes here is related to resilience and scalability of RPKI.

Originally, https://datatracker.ietf.org/doc/draft-ietf-sidr-multiple-publication-points brought up a proposal for discussion on how to achieve a more distributed and resilient architecture by allowing multiple publication points, and consequently multiple operators’ support for the trust anchor and certificate repositories. However, it became apparent that support for multiple certificate repositories requires more considerations and the work was split into two parts. The first part, related to the trust anchor, is now represented by a new draft (https://datatracker.ietf.org/doc/draft-huston-sidr-rfc6490-bis), which is an update to the Trust Anchor Locator (TAL) and has now been called for WG adoption; the second part will probably require more work.

Also related to this is a proposal to amend the validation process (RPKI Validation Reconsidered, https://datatracker.ietf.org/doc/draft-huston-rpki-validation) so that a subordinate certificate is not invalidated if one of its resources is removed in the parent cert. This is a big change, but one that can make the system more robust.
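The difference between the two validation rules can be seen in a small model, added here as an illustration and not taken from the draft or any validator. It assumes resources are whole IP prefixes only (no AS numbers, no signatures or expiry), and it assumes that under the amended rule the subordinate certificate stays valid for the resources its parent still holds; the prefixes are documentation ranges and the function names are hypothetical.

```python
import ipaddress

def _nets(prefixes):
    return [ipaddress.ip_network(p) for p in prefixes]

def covered(prefix, holder):
    """True if `prefix` lies inside one of the holder's prefixes."""
    return any(prefix.version == h.version and prefix.subnet_of(h) for h in holder)

def validate(chain, reconsidered):
    """Walk a certificate chain, trust anchor first. Each element is the list
    of prefixes that certificate claims. Returns, per certificate, the prefixes
    accepted for it (an empty list means the certificate is treated as invalid).

    reconsidered=False: a certificate claiming anything its issuer does not
                        hold is rejected outright, and so is everything below it.
    reconsidered=True : the certificate is kept, but only for the prefixes
                        that its issuer still holds (assumption, see lead-in).
    """
    verified = _nets(chain[0])            # the trust anchor's claims are taken as given
    results = [[str(n) for n in verified]]
    for cert in chain[1:]:
        claimed = _nets(cert)
        ok = [n for n in claimed if covered(n, verified)]
        if not reconsidered and len(ok) != len(claimed):
            ok = []                       # a single over-claim invalidates the whole cert
        verified = ok
        results.append([str(n) for n in ok])
    return results

def roa_usable(roa_prefix, accepted):
    """A route origin authorization is only usable if its prefix is inside
    the resources accepted for the certificate that signed it."""
    return covered(ipaddress.ip_network(roa_prefix), _nets(accepted))

# Constructed scenario: 198.51.100.0/24 is transferred away, so the parent CA's
# certificate is re-issued without it before the child's certificate is updated.
TRUST_ANCHOR = ["192.0.2.0/24", "198.51.100.0/24", "2001:db8::/32"]
PARENT_AFTER = ["192.0.2.0/24", "2001:db8::/32"]
CHILD        = ["192.0.2.0/24", "198.51.100.0/24"]    # still lists the old prefix
CHAIN = [TRUST_ANCHOR, PARENT_AFTER, CHILD]

if __name__ == "__main__":
    for label, flag in (("current rule", False), ("amended rule", True)):
        child = validate(CHAIN, flag)[-1]
        print(f"{label}: child accepted for {child or 'nothing'}; "
              f"ROA for 192.0.2.0/25 usable: {roa_usable('192.0.2.0/25', child)}")
```

Under the current rule the unrelated 192.0.2.0/24 authorizations fall together with the transferred prefix, which is the fragility the amendment is meant to remove.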

There are other interesting topics on the meeting agenda, although they haven’t got much discussion time in the group yet:

The focus of the GROW WG is on operational problems associated with the global routing system, such as routing table growth, the effects of interactions between interior and exterior routing protocols, and the effect of operational policies and practices on the global routing system, its security and resilience.

At the last IETF, the WG meeting was cancelled due to lack of agenda items. At the same time there are outstanding work items. Among them:

The IDR WG continues to work on better handling of malformed BGP attributes that may cause serious outages, and even cascading effects influencing other networks. A draft “Revised Error Handling for BGP UPDATE Messages” (https://datatracker.ietf.org/doc/draft-ietf-idr-error-handling/) being considered by the IDR WG discusses the error handling for UPDATE messages, and provides guidelines for the authors of documents defining new attributes. By the way, a broader document, aimed at defining requirements for BGP error handling (https://datatracker.ietf.org/doc/draft-ietf-grow-ops-reqs-for-bgp-error-handling), has been discussed in the GROW WG, but unfortunately expired. There might be some energy to revive the document.

In summary, there is a considerable set of work underway across a number of IETF working groups to ensure the Internet’s routing infrastructure is more secure and resilient in both the short and long runs.

Related Working Groups at IETF 89

SIDR (Secure Inter-Domain Routing)
WG Agenda: https://datatracker.ietf.org/meeting/89/agenda/sidr/
Charter: https://datatracker.ietf.org/wg/sidr/charter/

GROW (Global Routing Operations)
WG Agenda: [Not Yet Published]
Charter: https://datatracker.ietf.org/wg/grow/charter/

IDR (Inter-Domain Routing Working Group)
WG Agenda: https://datatracker.ietf.org/meeting/89/agenda/idr/
Charter: https://datatracker.ietf.org/wg/idr/charter/


Categories
Improving Technical Security IPv6 Open Internet Standards Privacy Technology

The Internet Society Rough Guide to IETF 89 – London Calling

It’s that time, again – in just over a week, more than a thousand Internet engineers will arrive in London to spend a week discussing the latest issues in Internet protocol engineering at IETF 89 (2-7 March). This meeting, as all IETF meetings, is important – and not just because they’ve happened 88 times before and we’re kind of in the habit of holding them! We believe that engineering the Internet, in a collaborative sharing of expertise, is the best way to ensure it has a positive future. The important questions for the Internet’s future are not just about who controls it (“governance”), but also about solving knotty technical issues – and that’s what IETFers are setting out to do.

The response to our “blogified” rough guide for the last IETF meeting was very positive, so we are again presenting you with a series of posts on particular topics of interest to us at the Internet Society – routing resiliency, IPv6, DNSSEC and its friends, trust, identity and privacy, and, of course, making the Internet stronger.

Before the IETF meeting itself, the IAB and W3C are jointly hosting a workshop on “Strengthening the Internet Against Pervasive Monitoring” (STRINT) on February 28 and March 1. While the workshop itself is invitational and already filled to capacity, you can see the many and varied position papers that were contributed to the activity (including our own) and look forward to a report from the workshop in the weeks that follow.

The Technical Plenary on Monday, 3 March, will follow the money in the Internet, focusing on payment systems and Bitcoin, with Malcolm Pearson from Microsoft China and Steve Kirsch from OneID presenting. It will be livestreamed at http://www.ietf.org/live.

The IGOVUPDATE IAB meeting on Thursday, 6 March, will focus on accounting of a different sort – accounting for protocol parameters through the IANA framework.

The IRTF open meeting on Wednesday, 5 March, will feature presentations from the two Applied Networking Research Prize winners attending the meeting:

The selection committee for the 2014 ANRP awards recently concluded its work of sifting through the highest number of nominations to date. The call for nominations for the 2015 award cycle will open in the autumn of 2014. Put it in your calendar now and submit your nominations when the time comes!

As already noted, we will also be holding the ISOC@IETF briefing panel to discuss the work of the IETF in the context of the Internet and the world at large. This time, during “Evolution of end-to-end: why the Internet is not like any other network” we’ll be doing a retrospective about the end-to-end principle of the Internet, and considering some predictions for its future relevance. The panel will be livestreamed as well, so plan to tune in.

If you want a quick overview of what happened at IETF 88 in Vancouver before you go to London, check out the latest edition of the IETF Journal (I also encourage you to subscribe to either the print or online version to receive future issues). We’re always interested in articles for upcoming issues, so if you’re following work at the London meeting and would be willing to provide an update, drop a line to ietfj-editor@isoc.org.

There’s lots going on at the upcoming IETF meeting, and whether you plan to be there or join remotely, there’s much to follow. Stay tuned for more topical updates from the Internet Society technical staff about pertinent technical sessions that are scheduled for IETF 89.
