
IETF Journal Volume 12, Issue 3 Now Online

The latest issue of the IETF Journal (Volume 12, Issue 3) is now available online: https://www.ietfjournal.org/journal-issues/march-2017/

Our cover article is a manifesto of why Internet-enabled businesses should care about the open standards and open source communities. We present the first two of a series of interviews with IETF leadership, in this case outgoing IETF chair Jari Arkko and his successor Alissa Cooper.

Also in this issue, you’ll learn about CodeStand, a new initiative that matches developers with coding projects related to IETF activity. We have several Working Group (ccamp, lwig, dhc) and BoF updates, a summary of the pre-IETF Hackathon, and an article about the Internet Society briefing panel on the topic: The I in IoT: Implications for a Global Open Internet. Our regular columns from the IETF, IAB, and IRTF chairs and coverage of the IAB technical plenary wrap up the issue.

You can read this issue online or download the full issue as a PDF. You can also keep up to date with the latest issue by subscribing to the IETF Journal as an email edition or have it delivered to your postal address in hardcopy.

IETF Journal is on Facebook (www.facebook.com/ietfjournal/) and Twitter (@ietfjournal).

Hard copies will be available as usual at the upcoming IETF 98 meeting from 26-31 March in Chicago, Illinois.

Many thanks to all our contributors. Please send any comments or suggestions for future issues to ietfjournal@isoc.org.


Deploy360@IETF97, Day 4: SIDR, TLS & Even More IPv6

Thursday at IETF 97 should prove to be an interesting day, with the Sunsetting IPv4 Working Group meeting again, along with IPv6, TLS and secure routing related sessions. Each day we’re bringing you blog posts pointing out what Deploy360 will be focusing on.

To kick off though, 6TiSCH is meeting at 09.30 KST (UTC+9). This group is developing specifications for running IPv6 over the Time-Slotted Channel Hopping (TSCH) mode on IEEE 802.15.4 low-rate wireless personal area networks. There are a couple of interesting drafts: one on the minimal security framework for 6TiSCH, which describes the mechanism required to support secure initial configuration in a device being added to a 6TiSCH network, and one on the Secure Join protocol, which defines a standard way of introducing new nodes into a 6tisch network that does not involve any direct manipulation of the nodes themselves.


NOTE: If you are unable to attend IETF 97 in person, there are multiple ways to participate remotely.


Following almost straight afterwards is the Sunsetting IPv4 Working Group starting at 11.10 KST (UTC+9). This will be discussing another new draft proposing that the IETF stops working on IPv4 except to address security issues or facilitate the transition to IPv6. As with the previous draft that proposed to move IPv4 to historic status, this one is probably unlikely to reach RFC status, but it’s sure to generate some interesting discussion.

In the afternoon, SIDR will be holding its session at 15.20 KST (UTC+9). This will mostly be focused on BGPSEC Router Certificate Profiles, along with Simplified Local Internet Number Resource Management with RPKI (SLURM), which provides ISPs with a way to make local assertions about private Internet Number Resources (INRs) while using RPKI assertions about all other INRs.

In parallel is the ACE meeting that has one TLS-related draft on the agenda. This defines a profile for delegating client authentication and authorisation by establishing a DTLS channel between resource-constrained nodes. This allows nodes to delegate management of authorisation information to a trusted host with limitations on processing power and memory.

For more background, please read the Rough Guide to IETF 97 from Olaf, Dan, Andrei, Mat, Karen and myself.

Relevant Working Groups:


Deploy360@IETF97, Day 3: IoT, PKI & Still More IPv6

Wednesday at IETF 97 in Seoul is another busy day, with the primary focus being on the Internet-of-Things, but with other relevant sessions on PKI and routing. Each day we’re bringing you blog posts pointing out what Deploy360 will be focusing on.

The day opens with a choice between the Routing Over Low power and Lossy networks and Global Routing Operations Working Groups on Wednesday morning at 11.20 KST (UTC+9).

ROLL focuses on routing issues for low power devices using wireless or power line networks as existing routing protocols are not entirely satisfactory in these environments. Low power and lossy networks (LLN) are likely to be widely used to provision the Internet-of-Things, but this working group is only considering IPv6-based architectural frameworks for these application scenarios.

The agenda for GROW had still to be published at the time of writing, but there’s an IPv6-related draft currently under consideration. Default IPv4 and IPv6 Unicast EBGP Route Propagation Behavior Without Policies defines the default behavior of a BGP speaker when there is no import or export policy associated with a BGP session for an IPv4 or IPv6 Unicast Address Family.


NOTE: If you are unable to attend IETF 97 in person, there are multiple ways to participate remotely.


After lunch there’s again another choice to be made between the Home Networking and Automated Certificate Management Environment Working Groups at 13.30 KST (UTC+9).

Homenet is developing protocols for residential networks based on IPv6, and after a flurry of activity that saw RFCs 7787 and 7788 published earlier in the year, it has a relatively quiet agenda this time. However, there is a proposed update to the Home Networking Control Protocol (HNCP) specification to eliminate the recommendation for a default top-level name for local name resolution, whilst another draft on the Special Use Top Level Domain defines .homenet as a special use top-level domain to replace .home, as there is evidence that .home queries frequently leak out of their local environments and reach the root name servers. Last but not least, there’s an update to the Homenet Naming and Service Discovery Architecture that covers how services advertise and register themselves both on the homenet and public Internet.

ACME has been developing a standards-based REST API allowing agent software to authenticate that a server controls a domain, request a certificate, and then install it on a server without human intervention. This has been used in the Let’s Encrypt initiative, and the group will be discussing whether the draft specification is now ready to be considered for RFC status. There’s also a new draft on CAA Record Extensions for Account URI and ACME Method Binding to allow specific methods of domain control validation.

The day concludes with the Thing-to-Thing Research Group at 15.20 KST (UTC+9). This is investigating how to turn the Internet-of-Things into reality and will focus on security considerations, designing the Representational State Transfer (REST) guidelines for building distributed hypermedia systems, as well as CoMI/YANG as the standard data modelling language for IoT.

For more background, please read the Rough Guide to IETF 97 from Olaf, Dan, Andrei, Mat, Karen and myself.

Relevant Working Groups:


Deploy360@IETF97, Day 2: DNS, TLS & More IPv6

Tuesday at IETF 97 in Seoul represents something of a mixed bag, with sessions on IPv6, DNS and TLS. Each day we’re bringing you blog posts pointing out what Deploy360 will be focusing on.

First up is 6MAN on Tuesday morning at 09.30 KST (UTC+9). On the agenda are several updates to the IPv6 specification as currently defined in RFC 2460, RFC 4291 and RFC 1981. Other drafts being discussed outline an optional mechanism for IPv6 Neighbour Discovery whereby hosts are instructed by routers to use router solicitations rather than multicast advertisements where it’s not desirable for all hosts to be continually woken-up; define a new control bit in IPv6 RA PIO flags to indicate that the receiving node is the exclusive receiver of traffic destined to any address within a prefix; specify requirements for IPv6 nodes; and specify a packet format for transporting IPv6 payloads to multiple IPv6 destinations using Bit Index Explicit Replication.


NOTE: If you are unable to attend IETF 97 in person, there are multiple ways to participate remotely.


There’s a clash between the Domain Name System Operations (dnsop) and Privacy Enhanced RTP Conferencing (perc) Working Groups on Tuesday afternoon at 13.30 KST (UTC+9). So we’ll be having to split our efforts between those, before heading to the Transport Layer Security (tls) Working Group for the evening session starting at 15.50 KST (UTC+9).

DNSOP is currently discussing several DNSSEC-related drafts. One recently submitted draft suggests an approach to managing Reverse DNS in IPv6 for Internet Service Providers, as the common practice of providing in-addr.arpa information using one PTR record for every IPv4 address does not scale with IPv6. There’s also a tranche of other updates, including Signaling Trust Anchor Knowledge in DNSSEC, which specifies two different ways for validating resolvers to signal which keys are being used in their chain-of-trust; Managing DS records from parent via CDS/CDNSKEY, which describes policies for signalling changes when undertaking key rollovers; and Aggressive use of NSEC/NSEC3 resource records, which allows DNSSEC validating resolvers to generate negative answers within a particular range as well as positive answers from wildcards.

PERC will be discussing just a couple of Deploy360 relevant drafts. The first defines a DTLS tunneling protocol that enables a Media Distribution Device (MDD) to facilitate key exchange between an endpoint and a Key Management Function (KMF); whilst SRTP Double Encryption Procedures defines procedures to allow an intermediary node to manipulate RTP parameters while still providing strong end-to-end security.

That just leaves the first session of TLS which has several issues on the agenda. One is whether to rebrand the forthcoming TLS 1.3 to TLS 2.0 given the significant changes in the specification. Another is the ongoing draft defining a new TLS extension to allow clients to perform DANE authentication of a TLS server certificate without needing to perform additional DNS record lookups. Finally, Delegated Credentials for TLS describes a mechanism to allow TLS servers to make delegated changes to certificates or cryptographic algorithms without breaking compatibility with clients.

For more background, please read the Rough Guide to IETF 97 from Olaf, Dan, Andrei, Mat, Karen and myself.

Relevant Working Groups:

 


Deploy360@IETF97, Day 1: IPv6, Mobility & IoT

There’s a lot going on this week at IETF 97 in Seoul, and we’ll be bringing you daily blog posts that point out what Deploy360 will be focused on during that day. And Monday is going to be no exception with a couple of IPv6-related working groups, along with sessions that are relevant to the Internet-of-Things and TLS.

The day begins with DMM on Monday morning at 09.30 KST (UTC+9). This focuses on mobile hosts on the Internet and in particular the Mobile IPv6 protocol family, but will be discussing five drafts including the mobility needs for 5G wireless and extensions to the DHCPv6 protocol to enable mobile hosts to indicate the required mobility service type.


NOTE: If you are unable to attend IETF 97 in person, there are multiple ways to participate remotely.


There’s an unfortunate clash between V6OPS and the Crypto Forum sessions first thing after lunch at 13.30 KST (UTC+9).

V6OPS is always an important session for us though, and there are two new drafts being discussed on enterprise multihoming which aims to address the problem of connecting an enterprise site to multiple ISPs using provider-assigned addresses without the use of Network Address Translation; and on the reservation of the IPv6 prefix 64::/16 for use with IPv4/IPv6 translation mechanisms. There are also a couple of updates of previous drafts related to routing design choices when designing IPv6 networks, and solutions for addressing issues related to IPv6 deployment in community wi-fi scenarios.

The Crypto Forum Research Group is where cryptographic mechanisms and their applicability to the Internet get discussed. Perhaps the most interesting item will be the discussion on post-quantum cryptography which investigates how to secure public-private key algorithms from attacks from quantum computers.

Rounding off the day is LPWAN which makes its debut as a working group following a successful BoF at the previous IETF in Berlin. This meets on Monday afternoon at 15.50 KST (UTC+9) and aims to develop wireless protocols to connect battery-powered devices over significant distances using licence exempt bands. This is important for enabling a variety of IoT applications as most of these devices will be low powered and will need to utilise minimal bandwidth.

For more background, please read the Rough Guide to IETF 97 from Olaf, Dan, Andrei, Mat, Karen and myself.

Relevant Working Groups:


Our Hot Topics @ IETF 97

Next week is IETF 97 in Seoul, which is the second time the IETF has been held there. The Deploy360 team will be represented by Megan Kruse and Dan York this time, along with ISOC’s Chief Internet Technology Officer Olaf Kolkman. As always, we’ll be highlighting the latest IPv6, DNSSEC, Securing BGP, TLS and anti-spoofing developments.

Our colleagues are planning to cover the following sessions, so please come and say hello!

Monday, 14 November 2016

Tuesday, 15 November 2016

Wednesday, 16 November 2016

Thursday, 17 November 2016

Friday, 18 November 2016

The Internet Society has also put together its latest Rough Guide to the IETF 97, and will again be covering wider developments over on the Tech Matters Blog.  In particular, see:

If you can’t get to Berlin next week, you can attend remotely!  Just visit the IETF 96 remote participation page or check out http://www.ietf.org/live/ for more options.


Rough Guide to IETF 97: Internet of Things

The Internet of Things (IoT) is a buzzword around the Internet industry and the broader technology and innovation business. We are often asked what the IETF is doing in relation to IoT and in this short post for the IETF Rough Guide to IETF 97, I’d like to highlight some of the relevant sessions scheduled during the upcoming IETF 97 meeting in Seoul. First, though, I’d like to add a small advertisement for you to tune into the ISOC@IETF Briefing Panel on Tuesday, 15 November, during lunch on “The I in IoT: Implications for a Global Open Internet.” Registration to attend onsite is full, but you can watch the webcast live via this page.

Before talking about specific activities taking place in Seoul, I’d like to highlight a couple of recent IETF Journal articles that provide some background on IETF activity related to IoT. In “The Internet of Things Unchecked,” Dave Plonka provides a very timely call to take the threat posed by unmanaged IoT devices more seriously. Dave also includes some fascinating measurement results. “Low-Power Wide-Area Networks at the IETF” provides an excellent overview of the new breed of wireless technologies that are emerging to support a huge variety of IoT applications and introduces the new ipwave WG (more below). And finally, Samita Chakrabarti provides an update on the activity of the IPv6 over Networks of Resource-Constrained Nodes (6lo) Working Group that is developing specifications for running IPv6 over a range of wireless technologies suitable for IoT applications. More details of their meeting are provided below.

It’s also worth noting that the IAB is concerned about the risks posed by unmanaged IoT devices and recently held a workshop to discuss the challenges of providing software update mechanisms for constrained embedded devices. A draft report of the workshop proceedings is now available. The technical plenary in Seoul is also relevant and will include a moderated discussion of the recent Denial-of-Service attacks involving the use of compromised or misconfigured nodes and the architectural issues associated with the network being vulnerable to these attacks. There is some more detail here.

The Thing-to-Thing Research Group investigates open research issues in turning the IoT into reality. They will be meeting on Wednesday afternoon in Seoul to report out on various recent activities. The group will also be meeting jointly with the Information Centric Networking RG on Sunday November 13 in the morning (0900-1200), and there is a ‘Managing Networks of Things’ workshop taking place, also on Sunday, in the afternoon (1300-1700) at the Kensington Hotel Yoido.

The 6lo WG defines mechanisms to adapt IPv6 to a wide range of radio technologies, including “Bluetooth Low Energy” (RFC 7668), ITU-T G.9959 (as used in Z-Wave, RFC 7428), and the Digital Enhanced Cordless Telecommunications (DECT) Ultra Low Energy (ULE) cordless phone standard and the low-cost wired networking technology Master-Slave/Token-Passing (MS/TP) that is widely used over RS-485 in building automation. They will be meeting on Tuesday afternoon in Seoul.

The 6tisch WG was chartered in 2014 to enable IPv6 for the Time-Slotted Channel Hopping (TSCH) mode that was recently added to IEEE 802.15.4 networks. They are meeting on Thursday morning in Seoul.

Following on from a successful BoF meeting during IETF 96 in Berlin, the IPv6 over Low Power Wide-Area Networks (lpwan) WG has been chartered and will be meeting in Seoul for the first time. Typical LPWANs provide low-rate connectivity to vast numbers of battery-powered devices over distances that may span tens of miles, using license-exempt bands. This new WG will meet on Monday afternoon in Seoul.

Another relatively new WG is the IP Wireless Access in Vehicular Environments (ipwave) WG. This group’s primary deliverable is a specification for mechanisms to transmit IPv6 datagrams over IEEE 802.11-OCB mode. ipwave will meet on Wednesday afternoon in Seoul.

The core WG aims to extend the Web architecture to most constrained networks and embedded devices. This is one of the most active IoT working groups and they will be meeting twice in Seoul, on Wednesday afternoon and Friday morning.

Security for IoT is addressed in several WGs including the ace WG that is concerned with authenticated authorization mechanisms for accessing resources hosted on servers in constrained environments. ace will meet on Thursday afternoon.

Routing for IoT is tackled by the roll WG which focuses on routing protocols for constrained-node networks. Wednesday morning is the time for them to meet in Seoul.

Finally, in addition to the new protocols and other mechanisms developed by IETF working groups, IoT developers often benefit from additional guidance for efficient implementation techniques and other considerations. The Lightweight Implementation Guidance (lwig) WG is developing such documents and they will meet in Seoul on Thursday morning.

If you have an interest in how the IoT is developing and being standardised in the IETF, I hope to see you in person or online at some of these meetings during IETF 97.

Relevant Working Groups, BoFs, and Events at IETF 97

Technical Plenary
Wednesday, 16 November 2016, 1640-1910, Grand Ballrooms
Agenda: https://datatracker.ietf.org/meeting/97/agenda/ietf/

t2trg (Thing-to-Thing) RG
Wednesday, 16 November 2016, 1520-1620, Park Ballroom 1
Agenda: https://datatracker.ietf.org/meeting/97/agenda/t2trg/
Charter: https://irtf.org/t2trg

6lo (IPv6 over Networks of Resource-constrained Nodes) WG
Tuesday, 15 November 2016, 1550-1820, Grand Ballroom 2
Agenda: https://datatracker.ietf.org/meeting/97/agenda/6lo/
Documents: https://datatracker.ietf.org/wg/6lo/
Charter: http://datatracker.ietf.org/wg/6lo/charter/

6tisch (IPv6 over the TSCH mode of IEEE 802.15.4e) WG
Thursday, 17 November 2016, 0930-1100, Park Ballroom 1
Agenda: https://datatracker.ietf.org/meeting/97/agenda/6tisch/
Documents: https://datatracker.ietf.org/wg/6tisch/
Charter: http://datatracker.ietf.org/wg/6tisch/charter/

lpwan (IPv6 over Low Power Wide-Area Networks) WG
Monday, 14 November 2016, 1550-1750, Grand Ballroom 2
Agenda: https://datatracker.ietf.org/meeting/97/agenda/lpwan/
Documents: https://datatracker.ietf.org/group/lpwan/
Charter: https://datatracker.ietf.org/group/lpwan/charter/

core (Constrained RESTful Environments) WG
Wednesday, 16 November 2016, 1330-1500, Studio 2
Friday, 18 November 2016, 0930-1130, Studio 2
Agenda: https://datatracker.ietf.org/meeting/97/agenda/core/
Documents: https://datatracker.ietf.org/wg/core/
Charter: http://datatracker.ietf.org/wg/core/charter/

ace (Authentication and Authorization for Constrained Environments) WG
Thursday, 17 November 2016, 1520-1750, Studio 4
Agenda: https://datatracker.ietf.org/meeting/97/agenda/ace/
Documents: https://datatracker.ietf.org/wg/ace/
Charter: http://datatracker.ietf.org/wg/ace/charter/

roll (Routing Over Low power and Lossy networks) WG
Wednesday, 16 November 2016, 1110-1210, Park Ballroom 2
Agenda: https://datatracker.ietf.org/meeting/97/agenda/roll/
Documents: https://datatracker.ietf.org/wg/roll/
Charter: http://datatracker.ietf.org/wg/roll/charter/

lwig (Light-Weight Implementation Guidance) WG
Thursday, 17 November 2016, 1110-1210, Grand Ballroom 3
Agenda: https://datatracker.ietf.org/meeting/97/agenda/lwig/
Documents: https://datatracker.ietf.org/wg/lwig/
Charter: http://datatracker.ietf.org/wg/lwig/charter/

ipwave (IP Wireless Access in Vehicular Environments) WG
Wednesday, 16 November 2016, 1330-1500, Grand Ballroom 3
Agenda: https://datatracker.ietf.org/meeting/97/agenda/ipwave/
Documents: https://datatracker.ietf.org/wg/ipwave/
Charter: http://datatracker.ietf.org/wg/ipwave/charter/

Follow Us

There’s a lot going on in Seoul, and whether you plan to be there or join remotely, there’s much to monitor. To follow along as we dole out this series of Rough Guide to IETF blog posts, follow us on the Internet Technology Matters blog, Twitter, Facebook, Google+, via RSS, or see http://dev.internetsociety.org/rough-guide-ietf97.


Rough Guide to IETF 97: Internet Infrastructure Resilience

Let’s look at what’s happening in the IETF and the upcoming IETF 97 meeting in the area of Internet infrastructure resilience. My focus in this Rough Guide to IETF 97 post is primarily on the routing and forwarding planes and specifically routing security and unwanted traffic of DDoS attacks. There is interesting and important work underway at the IETF that can help address problems in both areas.

The Secure Inter-Domain Routing (SIDR, http://datatracker.ietf.org/wg/sidr/) WG has made a significant contribution to the area of routing security by developing the RPKI system and security extensions to BGP – BGPSEC. Its work is almost done, with the core specifications being either approved as IETF standards, or waiting in the IESG queue for approval.

Now the real focus is on the deployment of these technologies and, related to this, the maintenance of the corresponding standards. This deployment must be properly handled to avoid the division of the Internet into separate networks.

A newly chartered SIDR Operations Working Group (sidrops) is aimed at developing guidelines for the operation of SIDR-aware networks, and providing operational guidance on how to deploy and operate SIDR technologies in existing and new networks.

From the charter (https://datatracker.ietf.org/wg/sidrops/charter/): “In the space of sidrops, the term operators will encompass a range of operational experience: CA Operators, Regional/National and Local Internet Registries, Relying Party software developers as well as the research/measurement community all have relevant operational experience or insight that this working group will consider in its work. The sidrops working group is focused on deployment and operational issues and experiences with SIDR technologies that are part of the global routing system, as well as the repositories and CA systems that form part of the SIDR architecture.”

The expectation is that the working group, if formed, will first meet at IETF 98. The proposed charter includes work items which are already underway.

In the area of route leaks there are still two proposals. One is an IDR WG document, “Methods for Detection and Mitigation of BGP Route Leaks”, where the authors suggest an enhancement to BGP that would extend the route-leak detection and mitigation capability of BGPSEC. Another is an independent submission, “Route Leak Detection and Filtering using Roles in Update and Open messages”. This proposal enhances the BGP Open message to establish an agreement on the relationship (peer, customer, provider, internal) between two neighboring BGP speakers in order to enforce appropriate configuration on both sides. Propagated routes are then marked with a flag according to the agreed relationship, allowing detection and mitigation of route leaks.

There was no discussion of either approach on the mailing list, but a new version of “Route Leak Detection and Filtering using Roles in Update and Open messages” is on the agenda of the IDR WG meeting in Seoul.
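The role agreement and route marking described above can be modelled in a few lines. This is an added example, not code from the post or from either draft: the function names, the `down_only` flag and the sample AS numbers and prefix are assumptions of the example, and it models the policy logic only, not any BGP wire format.

```python
"""Simplified model of role-based route-leak detection between BGP neighbours.

Role names come from the text above; everything else (names, the single
boolean mark, the sample topology) is constructed for illustration.
"""
from dataclasses import dataclass, replace

# Role a speaker declares for itself -> role its neighbour must declare.
COMPLEMENT = {
    "provider": "customer",
    "customer": "provider",
    "peer": "peer",
    "internal": "internal",
}


class RoleMismatch(Exception):
    """The two ends of a session disagree about their relationship."""


def negotiate(local_role, remote_role):
    """Model of the Open exchange: return the neighbour's role or refuse."""
    for role in (local_role, remote_role):
        if role not in COMPLEMENT:
            raise ValueError(f"unknown role: {role!r}")
    if COMPLEMENT[local_role] != remote_role:
        raise RoleMismatch(f"local={local_role} does not match remote={remote_role}")
    return remote_role


@dataclass(frozen=True)
class Route:
    prefix: str
    as_path: tuple
    # Hypothetical flag: set once the route has crossed a provider or peer link.
    down_only: bool = False


def on_receive(route, neighbor_role):
    """Ingress check; neighbor_role is what the neighbour declared for itself."""
    if neighbor_role in ("customer", "peer") and route.down_only:
        # The neighbour learned this from its own provider or peer and must
        # not have sent it "up" or "sideways": treat as a leak and drop it.
        return None, "leak"
    if neighbor_role in ("provider", "peer"):
        return replace(route, down_only=True), "accepted"
    return route, "accepted"


def may_send(route, neighbor_role):
    """Egress check: marked routes go only to customers and internal peers."""
    return not (route.down_only and neighbor_role in ("provider", "peer"))


def demo():
    """Constructed case: AS64500 is a customer of both AS64496 and AS64497."""
    negotiate("customer", "provider")  # AS64500's session towards AS64496
    learned, first = on_receive(Route("192.0.2.0/24", (64496, 64511)), "provider")
    # A correctly configured AS64500 refuses to export to its other provider.
    allowed = may_send(learned, "provider")
    # A misconfigured AS64500 exports anyway; AS64497 checks it on ingress.
    leaked = replace(learned, as_path=(64500,) + learned.as_path)
    _, second = on_receive(leaked, "customer")
    return first, allowed, second


if __name__ == "__main__":
    print(demo())
```

Because the check runs on both egress and ingress, the leak is caught at the upstream provider even when the leaking network applies no export policy of its own.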

Related to the forwarding plane and DDoS specifically, a few meetings ago a draft “BLACKHOLE BGP Community for Blackholing” was introduced initially to document a well-known community used for triggering blackholing at IXPs, similar to what DE-CIX is doing (https://www.de-cix.net/products-services/de-cix-frankfurt/blackholing). Several concerns about the risk of abusing IXPs as a “filtering sink of the internet,” for example by law enforcement, were raised that led to a more general document describing use of this attribute for just networks. The document was adopted by the GROW WG and was recently published as an informational RFC (https://datatracker.ietf.org/doc/rfc7999).

Also in the same problem area a DDoS Open Threat Signaling (DOTS, http://datatracker.ietf.org/wg/dots/) WG is making good progress. The goal of the group is to develop a communications protocol intended to facilitate the programmatic, coordinated mitigation of such attacks via a standards-based mechanism. This protocol should support requests for DDoS mitigation services and status updates across inter-organizational administrative boundaries.

The agenda of the WG meeting at IETF 97 contains discussion of use cases, the requirements draft, the architecture of the system, and the data and information model, including the telemetry specification.

I hope this work will lead to an effective solution for this huge problem of the Internet and facilitate necessary cooperation across network administrative domains.

Related Working Groups at IETF 97

SIDR (Secure Inter-Domain Routing) WG
Thursday, 17 November, 15:20-17:50, Studio 2
Agenda: https://datatracker.ietf.org/meeting/97/agenda/sidr/
Charter: https://datatracker.ietf.org/wg/sidr/charter/

GROW (Global Routing Operations) WG
Wednesday, 16 November, 11:10-12:10, Grand Ballroom 2
Agenda: https://datatracker.ietf.org/meeting/97/agenda/grow/
Charter: https://datatracker.ietf.org/wg/grow/charter/

IDR (Inter-Domain Routing Working Group) WG
Tuesday, 15 November, 15:50-18:20, Grand Ballroom 3
Agenda: https://datatracker.ietf.org/meeting/97/agenda/idr/
Charter: https://datatracker.ietf.org/wg/idr/charter/

DOTS (DDoS Open Threat Signaling) WG
Friday, 18 November, 09:30-11:30, Park Ballroom 1
Agenda: https://datatracker.ietf.org/meeting/97/agenda/dots/
Charter: https://datatracker.ietf.org/wg/dots/charter/



Rough Guide to IETF 97: All About IPv6

In this post for the Internet Society Rough Guide to IETF 97, I’ll take a look at some recent IPv6 activity and what’s happening at IETF 97 in Seoul next week.

It’s been a good year for IPv6 with several sources indicating that global IPv6 adoption rates have increased by nearly 50% during 2016, with a number of large ISPs, mobile operators and content providers actively deploying the protocol. Whilst IPv6 has been supported by major operating systems for some time, native IPv6 is also increasingly being supported by applications and networks, thus reducing reliance on transition mechanisms and tunnelling. This in turn is improving the performance and reliability of IPv6, therefore increasing the chances of establishing an IPv6 connection in preference to one using IPv4.

IANA has recently been able to allocate an additional /18 from the recovered pool of IPv4 to each of the Regional Internet Registries, and has further allocations planned every six months until March 2019. However, if no more blocks are returned, then this will be the last allocation of IPv4 addresses. Furthermore, network operators have increasingly been running into limitations with the available size of private IPv4 space, especially for mobile markets and upon acquisition of other operators using overlapping addresses. The complexity this introduces is another reason why more operators are increasingly realising the need to deploy IPv6.

IPv6 therefore continues to be an important aspect of the standardisation work within the IETF, with both the IPv6 Operations (v6ops) and IPv6 Maintenance (6man) Working Groups meeting at IETF 97 in Seoul. We should highlight though, that the Sunsetting IPv4 Working Group will also be meeting on Thursday morning to discuss another new draft proposing that the IETF stops working on IPv4 except to address security issues or facilitate the transition to IPv6. A previous draft by the same author that proposed to move IPv4 to historic status and thereby no longer recommended for use on the Internet did not reach RFC status, although it generated some interesting discussion and thought as to whether the IETF should continue to work on IPv4 technologies.

The IPv6 Operations (v6ops) Working Group is fairly early in the week this time, meeting on Monday afternoon. There are four drafts up for discussion, including two new ones. The draft related to enterprise multihoming aims to define a solution to the problem of connecting an enterprise site to multiple ISPs using provider-assigned addresses without the use of Network Address Translation. The other new draft suggests reserving the IPv6 prefix 64::/16 for use with IPv4/IPv6 translation mechanisms.

An updated existing draft provides advice on routing-related design choices when designing IPv6 networks, and compares IPv4 and IPv6 best practices. Last but not least, there’s an update on the draft relating to unique IPv6 prefixes per host that aims to address certain issues related to IPv6 deployment in community wi-fi scenarios.

The IPv6 Maintenance (6man) Working Group meets on Tuesday morning to once again discuss a number of updates to the IPv6 specification as currently defined in RFC 2460, RFC 4291, and RFC 1981. Another draft outlines an optional mechanism for IPv6 Neighbour Discovery whereby hosts are instructed by routers to use router solicitations rather than multicast advertisements where it’s not desirable for all hosts to be continually woken-up (e.g. when in powered down mode).

Three other individually sponsored drafts define a new control bit in IPv6 RA PIO flags to indicate that the receiving node is the exclusive receiver of traffic destined to any address within a prefix; specify requirements for IPv6 nodes; and specify a packet format for transporting IPv6 payloads to multiple IPv6 destinations using Bit Index Explicit Replication, which is a method of multicasting.

The Homenet (homenet) Working Group develops protocols for residential networks based on IPv6, and will meet on Wednesday afternoon. Although normally one of the more active groups, it has a relatively quiet agenda this time after publishing RFCs 7787 and 7788 earlier in the year.

There are a couple of new drafts, though. One proposes an update to the Home Networking Control Protocol (HNCP) specification to eliminate the recommendation for a default top-level name for local name resolution (https://tools.ietf.org/html/draft-ietf-homenet-redact-00). The other defines .homenet as a special-use top-level domain to replace .home, as there is evidence that .home queries frequently leak out of their local environments and reach the root name servers (https://tools.ietf.org/html/draft-pfister-homenet-dot-00). There’s also an updated draft being discussed (https://tools.ietf.org/html/draft-lemon-homenet-naming-architecture-01) on the Homenet Naming and Service Discovery Architecture that covers how services advertise and register themselves both on the homenet and the public Internet.

The IPv6 over Networks of Resource-Constrained Nodes (6lo) Working Group is meeting on Tuesday afternoon, and has a very full agenda with two new drafts and five updated drafts up for discussion. The two drafts of wider interest are probably those on 6lo Applicability and Use Cases which describe practical deployment scenarios, and on 6lo privacy threats.

The IPv6 over the TSCH mode of IEEE 802.15.4e (6tisch) Working Group is meeting on Thursday morning, and will consider drafts related to scheduling and security issues. There are particularly interesting drafts on the minimal security framework for 6TiSCH, which describes the mechanism required to support secure initial configuration in a device being added to a 6TiSCH network, as well as on the Secure Join protocol that defines a standard way of introducing new nodes into a 6tisch network that does not involve any direct manipulation of the nodes themselves.

We don’t often cover the Distributed Mobility Management (dmm) Working Group which focuses on providing solutions for traffic management when mobile hosts or mobile networks change their point of attachment to the Internet. In particular, it has responsibility for maintaining the Mobile IPv6 protocol family, but DMM solutions are not required to support IPv4. This working group will be meeting first thing on Monday morning, and will be discussing five drafts including the mobility needs for 5G wireless (https://tools.ietf.org/html/draft-ietf-dmm-distributed-mobility-anchoring-02), and extensions to the DHCPv6 protocol to enable mobile hosts to indicate the required mobility service type (https://tools.ietf.org/html/draft-moses-dmm-dhcp-ondemand-mobility-04).

Finally, there are a couple of IPv6-related drafts in the Dynamic Host Configuration (dhc) Working Group on Friday morning. There is a proposed update to DHCPv6 as currently defined in RFC 3315 which adds prefix delegation and stateless DHCPv6. Meanwhile there’s another updated draft on DHCPv4 over DHCPv6 that provides a mechanism for dynamically configuring IPv4 over an IPv6-only network.

At the Internet Society, we continue to promote IPv6 deployment. You can check out the World IPv6 Launch measurements for our latest measurements of IPv6 around the globe: http://www.worldipv6launch.org/measurements

You can also check out the Deploy360 online resources for getting started with IPv6 deployment:

And you can read more about other topics of interest to the technology programs of the Internet Society in the rest of our Rough Guide to IETF 97 posts.

IPv6-related Working Groups at IETF 97:

v6ops (IPv6 Operations) WG
Monday, 14 November 1330-1530 UTC+9, Grand Ballroom 2
Agenda: https://datatracker.ietf.org/meeting/97/agenda/v6ops/
Documents: https://datatracker.ietf.org/wg/v6ops/documents/
Charter: https://datatracker.ietf.org/wg/v6ops/charter/

6man (IPv6 Maintenance) WG
Tuesday, 15 November 0930-1200 UTC+9, Grand Ballroom 2
Agenda: https://datatracker.ietf.org/meeting/97/agenda/6man/
Documents: https://datatracker.ietf.org/wg/6man/documents/
Charter: https://datatracker.ietf.org/wg/6man/charter/

Homenet (Home Networking) WG
Wednesday, 16 November 1330-1500 UTC+9, Grand Ballroom 1
Agenda: https://datatracker.ietf.org/meeting/97/agenda/homenet/
Documents: https://datatracker.ietf.org/wg/homenet/documents/
Charter: https://datatracker.ietf.org/wg/homenet/charter/

6lo (IPv6 over Networks of Resource Constrained Nodes) WG
Tuesday, 15 November 1550-1820 UTC+9, Grand Ballroom 2
Agenda: https://datatracker.ietf.org/meeting/97/agenda/6lo/
Documents: https://datatracker.ietf.org/wg/6lo/documents/
Charter: https://datatracker.ietf.org/doc/charter-ietf-6lo/

6tisch (IPv6 over the TSCH mode of IEEE 802.15.4e)
Thursday, 17 November 0930-1100 UTC+9, Park Ballroom 1
Agenda: https://datatracker.ietf.org/meeting/97/agenda/6tisch/
Documents: https://datatracker.ietf.org/wg/6tisch/documents/
Charter: https://datatracker.ietf.org/doc/charter-ietf-6tisch/

dmm (Distributed Mobility Management) WG
Monday, 14 November 0930-1200 UTC+9, Studio 4
Agenda: https://datatracker.ietf.org/meeting/97/agenda/dmm/
Documents: https://datatracker.ietf.org/wg/dmm/documents/
Charter: https://datatracker.ietf.org/wg/dmm/charter/

dhc (Dynamic Host Configuration) WG
Friday, 18 November 1150-1320 UTC+9, Park Ballroom 2
Agenda: https://datatracker.ietf.org/meeting/97/agenda/dhc/
Documents: https://datatracker.ietf.org/wg/dhc/documents/
Charter: https://datatracker.ietf.org/wg/dhc/charter/

sunset4 (Sunsetting IPv4)
Thursday, 17 November 1110-1210 UTC+9, Studio 2
Agenda: https://datatracker.ietf.org/meeting/97/agenda/sunset4/
Documents: https://datatracker.ietf.org/wg/sunset4/documents/
Charter: https://datatracker.ietf.org/doc/charter-ietf-sunset4/

Follow Us

There’s a lot going on in Seoul, and whether you plan to be there or join remotely, there’s much to monitor. To follow along as we dole out this series of Rough Guide to IETF blog posts, follow us on the Internet Technology Matters blog, Twitter, Facebook, Google+, via RSS, or see https://dev.internetsociety.org/tag/ietf97/.

Rough Guide to IETF 97: Scalability and Performance

In this first post of the Internet Society Rough Guide to IETF 97, I’ll highlight some of the Internet Engineering Task Force (IETF) and Internet Research Task Force (IRTF) groups meeting during the IETF 97 meeting in Seoul next week. These groups are working to explore and address more sophisticated ways to use and share available bandwidth, improve Internet performance, and otherwise efficiently get Internet content to where it needs to be.

There is one relevant Birds-of-a-Feather (BoF) meeting in Seoul on BANdwidth Aggregation for interNet Access (banana). This BoF will discuss methods to take advantage of multiple access links, provided by one or more access providers, in cases where end nodes and applications may not be multi-access aware. Use of multiple access links could provide bandwidth aggregation when multiple links are available (i.e. improved performance), and session continuation when a link becomes unavailable (i.e. increased reliability). The banana BoF is on Thursday afternoon.

One technology that could be used to address the banana BoF requirements is multipath TCP, and the latest issue of IETF Journal includes an article from Olivier Bonaventure and SungHoon Seo on ‘Multipath TCP Deployments’. The mptcp WG will be meeting on Monday afternoon in Seoul to discuss the latest developments and proposed improvements to the protocol.

QUIC, developed by Google, is a UDP-based transport protocol that provides multiplexed streams over an encrypted transport. QUIC aims to be nearly equivalent to an independent TCP connection, but with much reduced latency and better stream multiplexing support. You can read more about QUIC in this IETF Journal article. After a successful BoF meeting at IETF 96 in Berlin, a new WG has been formed to standardize QUIC’s core transport protocol and the mapping of the transport protocol to the facilities of TLS. The new quic WG is meeting on Tuesday morning in Seoul.

Measurement techniques and data sources that could help us to make better engineering decisions to work around some of the rigidity in the protocol stack will be the subject of the newly-chartered Measurement and Analysis for Protocols (maprg) research group meeting on Thursday morning.

Packet networks give rise to transient congestion by design and several groups are meeting to discuss different aspects of congestion control and avoidance. The Internet Congestion Control research group (iccrg) will meet on Tuesday afternoon to discuss some of the latest innovations and thinking in relation to congestion control and managing congestion on the Internet. A highlight of their agenda is a presentation and discussion of the new BBR congestion controller from Google. The RTP Media Congestion Avoidance Techniques (rmcat) working group is developing and evaluating congestion control algorithms to handle the emerging use of the Internet for real-time audio and video communication. rmcat will meet on Thursday afternoon in Seoul. Modifications to the functioning of TCP are proposed, presented and discussed in the tcpm WG which will meet on Monday morning in Seoul.

For regulators, being able to monitor the performance of networks, and the extent to which congestion or other factors are impacting consumers’ experience of the network, is very important. The lmap working group is meeting on Thursday afternoon in Seoul to advance their important work on standardizing a large-scale broadband performance measurement infrastructure. In turn, lmap makes use of metrics defined by the ippm WG, and the latter is meeting in Seoul on Monday afternoon.

And last but not least, the tsvarea open meeting will take place on Tuesday afternoon and will include a report from the recent NetDev 1.2 conference in Tokyo. NetDev is the technical conference on Linux networking and presentations there included many innovations that will be finding their way into mainstream Linux and other operating systems in future.

Related Working Groups and BoFs at IETF 97

banana (BANdwidth Aggregation for interNet Access) BoF
Thursday, 17 November 2016, 1330-1500, Park Ballroom 1
Agenda: https://datatracker.ietf.org/meeting/97/agenda/banana/

maprg (Measurement and Analysis for Protocols) RG
Thursday, 17 November 2016, 0930-1100, Grand Ballroom 2
Agenda: https://datatracker.ietf.org/meeting/97/agenda/maprg/
Charter: https://datatracker.ietf.org/doc/charter-irtf-maprg/

iccrg (Internet Congestion Control) RG
Tuesday, 15 November 2016, 1550-1820, Studio 4
Agenda: https://datatracker.ietf.org/meeting/97/agenda/iccrg/
Charter: https://datatracker.ietf.org/doc/charter-irtf-iccrg/

lmap (Large-Scale Measurement of Broadband Performance) WG
Thursday, 17 November 2016, 1330-1500, Studio 3
Agenda: https://datatracker.ietf.org/meeting/97/agenda/lmap/
Documents: https://datatracker.ietf.org/group/lmap/documents/
Charter: https://datatracker.ietf.org/group/lmap/charter/

rmcat (RTP Media Congestion Avoidance Techniques) WG
Thursday, 17 November 2016, 1520-1750, Studio 3
Agenda: https://datatracker.ietf.org/meeting/97/agenda/rmcat/
Documents: https://datatracker.ietf.org/group/rmcat/documents/
Charter: https://datatracker.ietf.org/group/rmcat/charter/

quic (QUIC) WG
Tuesday, 15 November 2016, 0930-1200, Grand Ballroom 1
Agenda: https://datatracker.ietf.org/meeting/97/agenda/quic/
Documents: https://datatracker.ietf.org/group/quic/documents/
Charter: https://datatracker.ietf.org/group/quic/charter/

tcpm (TCP Maintenance and Minor Extensions) WG
Monday, 14 November 2016, 0930-1000, Park Ballroom
Agenda: https://datatracker.ietf.org/meeting/97/agenda/tcpm/
Documents: https://datatracker.ietf.org/group/tcpm/documents/
Charter: https://datatracker.ietf.org/group/tcpm/charter/

mptcp (Multipath TCP) WG
Monday, 14 November 2016, 1330-1530, Park Ballroom 2
Agenda: https://datatracker.ietf.org/meeting/97/agenda/mptcp/
Documents: https://datatracker.ietf.org/group/mptcp/documents/
Charter: https://datatracker.ietf.org/group/mptcp/charter/

ippm (IP Performance Metrics) WG
Monday, 14 November 2016, 1550-1750, Studio 2
Agenda: https://datatracker.ietf.org/meeting/97/agenda/ippm/
Documents: https://datatracker.ietf.org/group/ippm/documents/
Charter: https://datatracker.ietf.org/group/ippm/charter/

tsvarea (Transport Area Open Meeting)
Tuesday, 15 November 2016, 1330-1500, Grand Ballroom 2
Agenda: https://datatracker.ietf.org/meeting/97/agenda/tsvarea/

Follow Us

There’s a lot going on in Seoul, and whether you plan to be there or join remotely, there’s much to monitor. To follow along as we dole out this series of Rough Guide to IETF blog posts, follow us on the Internet Technology Matters blog, Twitter, Facebook, Google+, via RSS, or see http://dev.internetsociety.org/rough-guide-ietf97.

Rough Guide to IETF 97: Standards Body & Seoul

It’s time for the third and last IETF meeting of 2016. Starting on Sunday, 13 November, the Internet Engineering Task Force will be in Seoul, South Korea, for IETF 97, where about 1000 engineers will discuss the latest issues in open internet standards and protocols. As usual, the Internet Society is providing a ‘Rough Guide’ to the IETF via a series of blog posts on topics of mutual interest:

  • Scalability & Performance
  • Internet Infrastructure Resilience
  • Internet of Things
  • IPv6
  • DNSSEC, DANE and DNS Security
  • Trust, Identity, and Privacy
  • Encryption

All these posts can be found, and will be archived, through our Rough Guide to IETF 97 overview page.

Here are some of the activities that the Internet Society is involved in and some of my personal highlights.

IETF Journal

Catch up on highlights from IETF 96 in Berlin by reading the IETF Journal. You can read all the articles online at https://www.ietfjournal.org, or pick up a hard copy in Seoul.

Our cover article, “The Internet of Things Unchecked,” is a very timely call to take more seriously the threat posed by the Internet of Things to Internet performance, reliability, and security. We also have several Working Group and Birds-of-a-Feather updates, a readout from the Hackathon, an article about the deployment of Multipath TCP, and a discussion on some of the history behind the GAIA Research Group’s recent output. And don’t miss our coverage of Ross Callon’s provocative presentation to the IETF plenary. Finally, you’ll find our regular columns from the IETF, IAB, and IRTF chairs.

Want to write for the Journal? Email us at ietfjournal@isoc.org. Want to subscribe?

We’re also continuing our translations into both Russian and Spanish for this version. Both will be available in a few weeks. Watch the Internet Technology Matters blog for announcements. (And if you’d like to translate the Journal into your language, contact us!)

ISOC@IETF Briefing Panel

We will again host a briefing panel during lunch on Tuesday, 15 November called, “The I in IoT: Implications for a Global Open Internet.”

What are the implications of the Internet of Things (IoT) on the global Internet, from architectural, interoperability, and security perspectives? Is the end-to-end principle of the global internet still relevant? What can the communities represented at the IETF do to address these implications? In this lunchtime panel during IETF 97, panellists will discuss how the IoT interacts with, and potentially challenges, a global, open Internet.

We will explore how the internet shapes the design of smart objects, and how they, in turn, will shape the architecture of the internet. Are there general guidelines on security and overall behaviour for these new devices? What should designers of smart object architectures take into account because of the interaction between devices and the internet?

Registration to attend onsite in Seoul will open on 8 November in two batches for time zone equality. It will also be webcast; you can watch the webcast free with no registration required. Watch the Internet Technology Matters blog for announcements on webcast and registration information.

IRTF and ANRP

Through the Applied Networking Research Prize (ANRP), supported by the Internet Society, the Internet Research Task Force (IRTF) recognizes the best new ideas in networking, and brings them to the IETF, especially in cases where the ideas are relevant for transitioning into shipping Internet products and related standardization efforts. Six submissions have been awarded prizes in 2016. Two winners will present their work at the IRTF Open Meeting on Monday, 14 November at 3:50 PM.

  • Olivier Tilmans for the Fibbing architecture that enables central control over distributed routing:
    Stefano Vissicchio, Olivier Tilmans, Laurent Vanbever and Jennifer Rexford. Central Control Over Distributed Routing. Proc. ACM SIGCOMM, London, UK, August 2015.
  • Benjamin Hesmans for enabling applications to control how Multipath TCP transfers data:
    Benjamin Hesmans, Gregory Detal, Sebastien Barre, Raphael Bauduin and Olivier Bonaventure. SMAPP: Towards Smart Multipath TCP-enabled APPlications. Proc. ACM CoNEXT, Heidelberg, Germany, December 2015.

Hackathon

Right before IETF 97, the IETF is holding another Hackathon to encourage developers to discuss, collaborate and develop utilities, ideas, sample code, and solutions that show practical implementations of IETF standards. The Hackathon is free to attend but has limited seats available.

Technologies from past Hackathons include DNS, HTTP 2.0, NETVC, OpenDaylight, ONOS, VPP/FD.io, RiOT, SFC, TLS 1.3, WebRTC, YANG/NETCONF/RESTCONF. Details on all planned technologies will be listed on the IETF 97 Meeting Wiki.

Technical Plenary

One of the week’s highlights will be the technical plenary on Wednesday, November 16, 16:40-19:10, which will feature “Attacks Against the Architecture”, a discussion about large-scale attacks, how they leverage the Internet architecture and possible ways to think about solutions.

Jonathan Postel Award

The Postel Award was established by the Internet Society to honour individuals or organizations that, like Jonathan Postel, have made outstanding contributions in service to the data communications community. The award is focused on sustained and substantial technical contributions, service to the community, and leadership. The Award Ceremony will take place on Wednesday, 16 November (16:40 – 19:10 local time) during the Operations and Administration Plenary.

Birds of a Feather (BoF) Sessions

Another major highlight of every IETF is the new work that gets started in birds-of-a-feather (BoF) sessions. Getting new work started in the IETF usually requires a BoF to discuss goals for the work, the suitability of the IETF as a venue for pursuing the work, and the level of interest in and support for the work. There are two BoFs happening in Seoul:

  • BANdwidth Aggregation for interNet Access (banana)
    Thursday, 18 November, 1:30-3:00PM
    Discusses how services that provide coordinated Internet Access to a home network or mobile device over multiple links of different types can be used to provide a better customer experience and lower operator costs by allowing increased bandwidth utilization, load-balancing and higher reliability.
  • Bundled Domains (dnsbundled)
    Wednesday, 16 November, 9:30-11:00AM
    Discusses a DNS solution for fully mapping one domain name to another domain name. With the emergence of internationalized domain names and new TLDs, it is often useful to redirect one domain name tree fully to another domain name tree.

Rough Guide to IETF 97: DNSSEC, DANE and DNS Privacy and Security

DNS privacy will get a good bit of focus at the IETF 97 meeting in Seoul, with a special tutorial as well as a meeting of the DPRIVE working group and activity in the IETF 97 Hackathon. DNS privacy will come up in the DNSSD group this time, too. The DNS Operations working group will meet and a new DNS BOF will take place. In contrast to the past few meetings, the Using TLS in Applications (UTA) working group, where DANE has been discussed, will not meet as their work is moving along on the mailing lists. Similarly, the DANE working group felt that work was moving along and no physical meeting was needed.

DNS Privacy Tutorial – Streamed Live On YouTube

On Sunday, November 13, one of the education tutorials will focus on DNS privacy and the work emerging out of the DPRIVE Working Group related to protecting the confidentiality of your DNS queries. Sara Dickinson will be leading this session and I expect it will be quite good. The session will be from 13:45-14:45 KST (UTC+9). The good news for anyone remote is that it will be streamed live on YouTube – it will also be available at that URL as a recording for those who can’t tune in live.

IETF 97 Hackathon

Over the weekend (12-13 Nov) we’ll have a good-sized “DNS team” in the IETF 97 Hackathon working on various projects around DNSSEC, DANE, DNS Privacy, using DNS over TLS and much more. You can also get more info in the IETF 97 Hackathon wiki. Anyone is welcome to join us for part or all of that event.

DNS Operations (DNSOP)

The DNS Operations (DNSOP) Working Group meets on Tuesday afternoon from 13:30-15:30. Unfortunately at the time I am writing this post the DNSOP agenda does not have many details. There are a significant number of documents under discussion on the mailing list and I expect a busy session.

I am not sure if there will be discussion of the Internet Draft on DNSSEC cryptographic algorithm agility in the meeting, but I do intend to meet with the other authors to plan our next steps.

DNSBUNDLED Birds of a Feather (BOF) session

On Wednesday morning from 9:30-11:00 there will be a BOF about “bundled domains”. It’s an interesting issue:

Bundled Domain will work on a DNS solution for fully mapping one domain name to another domain name. With the emergence of internationalized domain names and new TLDs, it is often useful to redirect one domain name tree fully to another domain name tree. Current DNS protocols have not provided such ability to satisfy these requirements.

These documents – draft-yao-bundled-name-problem-statement and draft-yao-dnsext-identical-resolution – go into more detail. The security issue here is really to understand how solutions might work in a world of DNSSEC.

This BOF is not looking to form a working group but rather to identify work to be done by the IETF in general.

DNS Service Discovery (DNSSD)

On Thursday, the Extensions for Scalable DNS Service Discovery (DNSSD) Working Group meets in the morning from 9:30-11:00am. DNSSD is not one of the groups we regularly mention, as its focus is on how DNS can be used to discover services available on a network (for example, a printer or file server). But this time the DNSSD agenda includes specific discussion around the privacy of DNS queries when used in this context.

DNS Privacy (DPRIVE)

The DNS Privacy (DPRIVE) Working Group drew the short straw this IETF meeting and wound up in the last session block on Friday afternoon from 11:50-13:20. Regardless of how many people will be there, discussion should be lively as the group looks at expanding its efforts in a “Step 2” block of work. 

To date, DNS privacy work has been focused on using DNS over TLS from the stub resolver on a computer or device to the recursive resolver. This was defined in RFC 7858, published in May 2016, and several other related documents are on the path to publication (including using DNS over DTLS).

But back when the DPRIVE BoF first took place, there was recognition that the next step was to look at protecting the privacy of queries between the recursive resolver and the authoritative servers. It was decided to focus on the stub-to-recursive area first, but now that that work is finishing up, Stephane Bortzmeyer will lead a discussion about moving on to the recursive-to-authoritative space. He’s written a draft that explores this issue. The outcome of the discussion will guide the future work of DPRIVE.

DNSSEC Coordination informal breakfast meeting

Finally, on Friday morning before the sessions start we are planning an informal gathering of people involved with DNSSEC. We’ve done this at many of the IETF meetings over the past few years and it’s been a good way to connect and talk about various projects. True to the “informal” nature, we’re not sure of the location and time yet (and we are not sure if it will involve food or just be a meeting). If you would like to join us, please drop me an email or join the dnssec-coord mailing list.

Other Working Groups

We will be monitoring the TLS WG, particularly given the focus on TLS 1.3, the Security Area open meeting and other similar sessions. The DNSSD working group will also be meeting although it’s not clear that security topics will be covered there right now.

It will be a busy week!

P.S. For more information about DNSSEC and DANE and how you can get them deployed for your networks and domains, please see our Deploy360 site:

Relevant Working Groups at IETF 96:

DNSOP (DNS Operations) WG
Tuesday, 15 November 2016, 1330-1530 KST (UTC+9), Grand Ballroom 1
Agenda: https://datatracker.ietf.org/meeting/97/agenda/dnsop/
Documents: https://datatracker.ietf.org/wg/dnsop/
Charter: http://tools.ietf.org/wg/dnsop/charters/

DNSBUNDLED (Bundled Domains) BOF 
Wednesday, 16 November 2016, 0930-1100 KST (UTC+9), Grand Ballroom 1
Problem statement: draft-yao-bundled-name-problem-statement/ 
Charter: http://tools.ietf.org/wg/dnsbundled/charters/

DNSSD (Extensions for Scalable DNS Service Discovery) WG 
Thursday, 17 November 2016, 0930-1100 KST (UTC+9), Studio 4
Agenda: https://datatracker.ietf.org/meeting/97/agenda/dnssd/ 
Documents: https://datatracker.ietf.org/wg/dnssd/ 
Charter: http://tools.ietf.org/wg/dnssd/charters/

DPRIVE (DNS Privacy) WG
Friday, 18 November 2016, 1150-1320 KST (UTC+9), Grand Ballroom 1
Agenda: https://datatracker.ietf.org/meeting/97/agenda/dprive/
Documents: https://datatracker.ietf.org/wg/dprive/
Charter: http://tools.ietf.org/wg/dprive/charters/
