Categories
Deploy360 Events IETF IPv6

Deploy360@IETF99, Day 3: IPv6 & TLS

After a packed first couple of days, Wednesday at IETF 99 in Prague is a bit quieter for us. Each day we’re bringing you blog posts pointing out what Deploy360 will be focusing on.

There’s just the three working groups to follow today, starting at 09.30 CEST/UTC+2 with TLS. A couple of very important drafts up for discussion though, with both the TLS 1.3 and DTLS 1.3 specifications in last call. There’s also a couple of other interesting drafts relating to DANE record and DNSSEC authentication chain extension for TLS, and Data Center use of Static DH in TLS 1.3.


NOTE: If you are unable to attend IETF 99 in person, there are multiple ways to participate remotely.


Alternatively, there’s DMM that will be discussing at least one IPv6-relevant draft on the Applicability of Segment Routing IPv6 to the user-plane of mobile networks.

During the first afternoon session at 13.30 CEST/UTC+2, there’s DHC. This will continue to discuss four DHCPv6 related drafts, as well as hear about the DHCPv6 deployment experiences at Comcast.

Don’t forget that from 17.10 CDT/UTC-6 onwards will be the IETF Plenary Session. This is being held in Congress Hall I/II.

For more background, please read the Rough Guide to IETF 99 from Olaf, Dan, Andrei, Mat, Karen and myself.

Relevant Working Groups

Categories
Deploy360 IETF

Deploy360@IETF98, Day 4: IPv6, IoT & ACME

Thursday at week IETF 98 in Chicago is another mix of IPv6, the Internet-of-Things and TLS-related working groups. Each day we’re bringing you blog posts pointing out what Deploy360 will be focusing on.

The first session of the day is 6MAN which has a last call on updates to the IPv6 specification as currently defined in RFC 2460, RFC 4291, and RFC 1981. There are also two new drafts under discussion related to recommendations on IPv6 address usage  and temporary IPv6 interface identifiers, plus a draft describing how a Distributed Denial of Service (DDoS) Open Threat Signaling (DOTS) client can send a message over a congested network by tagging outgoing IPv6 packets in order to reach a DOTS server.

Three current drafts include a description of common functionality that should be required on all IPv6 hosts and routers that has been collected from other published IETF Standards Track documents, definition of a new control bit in an IPv6 router advertisement indicating that a receiving node is the exclusive receiver of all traffic destined to any address with that prefix, and providing a backward-compatible extension to the Redirect function in the IPv6 Neighbour Discovery protocol to allow routers to include information that a recipient can associate with the next hop.


NOTE: If you are unable to attend IETF 98 in person, there are multiple ways to participate remotely.


The afternoon sees ACME which has been developing a standards-based REST API allowing agent software to authenticate that a server controls a domain, request a certificate, and then install it on a server without human intervention. This session is discussing some changes to the ACME specification, as well as the next steps for the group with a view to re-chartering.

Finally, there are two working groups of interest during the evening session. DHC has three DHCPv6 related drafts on the agenda, whilst ROLL continues development of  several routing protocols for resource constrained nodes.

For more background, please read the Rough Guide to IETF 98 from Olaf, Dan, Andrei, Mat, Karen and myself.

Relevant Working Groups

Categories
Deploy360 Domain Name System Security Extensions (DNSSEC)

Deploy360@IETF97, Day 5: TLS, DNS, DHCPv6 & Annyeonghi Gaseyo

Seoul SkylineThe final day at a IETF is usually pretty quiet for us, but not at the IETF 97. There’s four sessions of interest before we bid farewell to Seoul.

The first session on Friday morning at 09.30 KST (UTC+9), see the second part of the TLS meeting continuing on from where it left off on Tuesday. After that, it requires a bit of a juggling act as the Dynamic Host Configuration, DNS PRIVate Exchange, and CURves, Deprecating and a Little more Encryption Working Groups all start at 11.50 KST (UTC+9).


NOTE: If you are unable to attend IETF 97 in person, there are multiple ways to participate remotely.


In DHC there’s a proposed update to the DHCPv6 specification to add prefix delegation and stateless DHCPv6, along with an updated draft on DHCPv4 over DHCPv6 that provides a mechanism for dynamically configuring IPv4 over an IPv6-only network.

DPRIVE is working on securing the connections between the DNS clients and the recursive resolvers, using TLS and/or DTLS. This meeting will focus on the TLS and EDNS padding profiles whereby DNS messages are increased by a variable number of bytes to limit how much correlation can be made with well-known unencrypted packets. There will also be a discussion about Phase 2 of the group’s activities.

That just leaves CURDLE which is working on the cryptographic security of a number of protocols. Its very full agenda includes the specification of new algorithms for DNSSEC, along with those for SSH and CMS.

With that, it’s goodbye from us and onwards to Chicago. Many thanks for reading along this week… please do read our other IETF 97-related posts … and we’ll see you at IETF 98 on 26-31 March 2017!

Relevant Working Groups: