Categories
Deploy360 IETF IPv6

Deploy360@IETF99, Day 1: IoT, IPv6 & SIDR

It’s another busy week at IETF 99 in Prague, and we’ll be bringing you daily blog posts that highlight what Deploy360 will be focused on during that day. And Monday sees a packed agenda with three working groups on the Internet-of-Things, a couple on routing, one on encryption, and an important IPv6 Maintenance WG session.

The day kicks off at 09.30 CEST/UTC+2 with 6MAN, and the big development is the move of the IPv6 specification to Internet Standard Status, as despite being widely deployed, IPv6 has remained a ‘Draft Standard’ since its original publication in 1998. There are also two working group drafts on updating the IPv6 Addressing Architecture as currently defined in RFC 4291, and on IPv6 Node Requirements as currently defined in RFC 6434. Other existing drafts up for discussion include recommendations on IPv6 address usage and on Route Information Options in Redirect Messages.

There are three new drafts being proposed, including one that covers scenarios when IPv6 hosts might not be able to properly detect that a network has changed IPv6 addressing and proposes changes to the Default Address Selection algorithm defined in RFC6724; another that proposes a mechanism for IPv6 hosts to retrieve additional information about network access through multiple interfaces; whilst the remaining draft defines the AERO address for use by mobile networks with a tethered network of IoT devices requiring a unique link-local address after receiving a delegated prefix.


NOTE: If you are unable to attend IETF 99 in person, there are multiple ways to participate remotely.


Running in parallel is ACE which is developing authentication and authorization mechanisms for accessing resources on network nodes with limited CPU, memory and power. Amongst the ten drafts on the agenda, there’s one proposing a DTLS profile for ACE.

Also at the same time is CURDLE which is chartered to add cryptographic mechanisms to some IETF protocols, and to make implementation requirements including deprecation of old algorithms. The agenda isn’t very comprehensive at the moment, but nine drafts were recently submitted to the IESG for publication, and what will certainly be discussed today is a draft on key change methods for SSH.

In the afternoon, Homenet is meeting from 13.30 CEST/UTC+2. This is developing protocols for residential networks based on IPv6, and will continue to discuss updated drafts relating to a name resolution and service discovery architecture for homenetshow the Babel routing protocol can be used in conjunction with the HNCP protocol in a Homenet scenario, and the use of .homenet as a special use top-level domain to replace .home. There are also three new drafts relating to the service discovery and registration aspects of Homenet.

Running in parallel is 6TiSCH. There will be summaries of the 1st F-Interop 6TiSCH Interoperability Event and OpenWSN Hackathon, followed by discussions on the updated drafts related to the 6top protocol that enables distributed scheduling, as well as a draft related to security functionality.

The later afternoon session sees SIDROPS meeting from 15.50 CEST/UTC+2. This is taking the technology developed by SIDR and is developing guidelines for the operation of SIDR-aware networks, as well as providing operational guidance on how to deploy and operate SIDR technologies in existing and new networks. One particularly interesting draft proposes to use blockchain technology to validate IP address delegation, whilst another describes an approach to validate the content of the RPKI certificate tree. A couple of other drafts aim to clarify existing approaches to RPKI validation.

Concluding the day is GROW during the evening session. This group looks at the operational problems associated with the IPv4 and IPv6 global routing systems, and whilst theres’s no agenda for this meeting yet, four new and updated drafts were recently published on more graceful shutting down of BGP sessions, how to minimise the impact of maintenance on BGP sessions, and extensions to the BGP monitoring protocol.

For more background, please read the Rough Guide to IETF 99 from Olaf, Dan, Andrei, Mat, Karen and myself.

Relevant Working Groups

Categories
Deploy360 IETF IPv6 Transport Layer Security (TLS)

Deploy360@IETF98, Day 2: IoT, IPv6, TLS & SIDR

Chicago Skyline aerial view with road by the beach

Tuesday is another busy day at IETF 98 in Chicago with sessions related to pretty much the whole Deploy360 portfolio. Each day we’re bringing you blog posts pointing out what Deploy360 will be focusing on.

The morning session sees TLS busy with a significant update to the TLS protocol which is now in Last Call. There’s a companion update to DTLS, and also on the agenda are drafts on a DANE Record and DNSSEC Authentication Change Extension for TLS, certificate compression, and delegated credentials. So it looks to be a very significant meeting.

Running at the same time is 6TiSCH. There will be further discussions on the draft that describes the architecture for running IPv6 over TSCH networks, two drafts related to the 6top protocol that enables distributed scheduling, as well as four drafts related to security functionality. There will also be an update on IEEE 802.15.4e developments, and introduction of a draft describing a joint scheduling architecture for deterministic industrial field and backhaul networks.


NOTE: If you are unable to attend IETF 98 in person, there are multiple ways to participate remotely.


It’s perhaps worth calling into the Internet Area Working Group after lunch. This acts as a forum for cross-area issues, and there’s one IPv6 related draft on the agenda concerning DHCPv6 Options for Discovery NAT64 Prefixes.

The second afternoon session sees the first meeting of the recently chartered SIDROPS. This has taken over the technology developed by SIDR and is developing guidelines for the operation of SIDR-aware networks, as well as providing operational guidance on how to deploy and operate SIDR technologies in existing and new networks.

On the agenda are two drafts outlining mitigating mechanisms for route leaks. One suggests an enhancement to BGP that would extend the route-leak detection and mitigation capability of BGPSEC, whilst the other proposes to enhance the BGP Open message to establish a relationship agreement between two BGP neighbouring speakers in order to enforce appropriate configuration on both sides.

Also running at the same time is UTA which has finished a number of pieces of work and will therefore focus on several drafts related to Strict Transport Security (STS) for mail transfer and user agents.

If all this isn’t enough, OPSEC is being held during the evening session where a draft on operational security considerations for IPv6 networks will be discussed. IPv6 presents some new security challenges, but this draft analyses the operational security issues for enterprises, service providers and residential users and proposes practical mitigation techniques.

For more background, please read the Rough Guide to IETF 98 from Olaf, Dan, Andrei, Mat, Karen and myself.

Relevant Working Groups