April 2016 archive

Call for Participation – DNSSEC Workshop at ICANN 56 in Helsinki, Finland on 27 June 2016 (Featured Blog)

Do you have an idea for an innovative use of DNSSEC or DANE? Have you recently deployed DNSSEC or DANE and have some "lessons learned" that you could share? Did you develop a new tool or service that works with DNSSEC? Have you enabled DNSSEC by default in your products? (And why or why not?) Do you have ideas about how to accelerate usage of new encryption algorithms in DNSSEC? More...

Call for Participation – DNSSEC Workshop at ICANN 56 in Helsinki, Finland on 27 June 2016 (Featured Blog)

More...

Call for Participation – ICANN 56 DNSSEC Workshop in Helsinki, Finland on 27 June 2016

ICANN56 Helsinki logoDo you have an idea for an innovative use of DNSSEC or DANE? Did you develop a new tool or service that works with DNSSEC? Have you recently deployed DNSSEC or DANE and have some “lessons learned” that you could share? Have you enabled DNSSEC by default in your products? (And why or why not?) Do you have ideas about how to accelerate usage of new encryption algorithms in DNSSEC?

We are seeking presenters on all these topics and more for the DNSSEC Workshop on June 27, 2016, at ICANN 56 in Helsinki, Finland. The full “Call for Participation” is found below.

If you have an idea and will be at ICANN 56 (or can get there), please send a brief email to dnssec-helsinki@isoc.org by Wednesday, May 18.

Thank you!


Call for Participation — ICANN DNSSEC Workshop at ICANN 56 in Helsinki, Finland

The DNSSEC Deployment Initiative and the Internet Society Deploy360 Programme, in cooperation with the ICANN Security and Stability Advisory Committee (SSAC), are planning a DNSSEC Workshop at the ICANN 56 meeting on 27 June 2016 in Helsinki, Finland. The DNSSEC Workshop has been a part of ICANN meetings for several years and has provided a forum for both experienced and new people to meet, present and discuss current and future DNSSEC deployments. For reference, the most recent session was held at the ICANN  55 meeting in Marrakech, Morocco, on 09 March 2016. The presentations and transcripts are available at: https://meetings.icann.org/en/marrakech55/schedule/wed-dnssec.

Examples of the types of topics we are seeking include:

1. DNSSEC Deployment Challenges

The program committee is seeking input from those that are interested in implementation of DNSSEC but have general or particular concerns with DNSSEC. In particular, we are seeking input from individuals that would be willing to participate in a panel that would discuss questions of the nature:
— What are your most significant concerns with DNSSEC, e.g., implementation, operation or something else?
— What do you expect DNSSEC to do for you and what doesn’t it do?
— What do you see as the most important trade-offs with respect to doing or not doing DNSSEC?

We are interested in presentations related to any aspect of DNSSEC such as zone signing, DNS response validation, applications use of DNSSEC, registry/registrar DNSSEC activities, etc.

2. DNSSEC by Default

As more and more applications and systems are available with DNSSEC enabled by default, the vast majority of today’s applications support DNSSEC but are not DNSSEC enabled by default. Are we ready to enable DNSSEC by default in all applications and services? We are interested in presentations by implementors on the reasoning that led to enable DNSSEC by default in their product or service. We are also interested in understanding those that elected not to enable DNSSEC by default and why, and what their plans are.

3. DNSSEC Encryption Algorithms

How do we make DNSSEC even more secure through the use of elliptic curve cryptography? What are the advantages of algorithms based on elliptic curves? And what steps need to happen to make this a reality? What challenges lie in the way? Over the past few months there have been discussions within the DNSSEC community about how we start down the path toward adding support for new cryptographic algorithms such as Ed25519 and Ed448. At ICANN 55 in Marrakech we had a panel session that explored why elliptic curve cryptography was interesting and some high level views on what needs to happen. At ICANN 56 we are interested in presentations that dive into greater detail about what needs to be done and how we start the process. More background information can be found in this document: https://datatracker.ietf.org/doc/draft-york-dnsop-deploying-dnssec-crypto-algs/

In addition, we welcome suggestions for additional topics.

If you are interested in participating, please send a brief (1-2 sentence) description of your proposed presentation to dnssec-helsinki@isoc.org by Wednesday, 18 May 2016.

We hope that you can join us.

Thank you,
Julie Hedlund

On behalf of the DNSSEC Workshop Program Committee:

Mark Elkins, DNS/ZACR
Cath Goulding, Nominet UK
Jean Robert Hountomey, AfricaCERT
Jacques Latour, .CA
Xiaodong Lee, CNNIC
Luciano Minuchin, NIC.AR
Russ Mundy, Parsons
Ondřej Surý, CZ.NIC
Yoshiro Yoneya, JPRS
Dan York, Internet Society

Call for Participation – DNSSEC Workshop at ICANN 56 in Helsinki, Finland on 27 June 2016

ICANN56 - Helsinki logoThe DNSSEC Deployment Initiative and the Internet Society Deploy360 Programme, in cooperation with the ICANN Security and Stability Advisory Committee (SSAC), are planning a DNSSEC Workshop at the ICANN 56 meeting on 27 June 2016 in Helsinki, Finland. The DNSSEC Workshop has been a part of ICANN meetings for several years and has provided a forum for both experienced and new people to meet, present and discuss current and future DNSSEC deployments. For reference, the most recent session was held at the ICANN  55 meeting in Marrakech, Morocco, on 09 March 2016. The presentations and transcripts are available at: https://meetings.icann.org/en/marrakech55/schedule/wed-dnssec.

Examples of the types of topics we are seeking include:

1. DNSSEC Deployment Challenges

The program committee is seeking input from those that are interested in implementation of DNSSEC but have general or particular concerns with DNSSEC. In particular, we are seeking input from individuals that would be willing to participate in a panel that would discuss questions of the nature:
— What are your most significant concerns with DNSSEC, e.g., implementation, operation or something else?
— What do you expect DNSSEC to do for you and what doesn’t it do?
— What do you see as the most important trade-offs with respect to doing or not doing DNSSEC?

We are interested in presentations related to any aspect of DNSSEC such as zone signing, DNS response validation, applications use of DNSSEC, registry/registrar DNSSEC activities, etc.

2. DNSSEC by Default

As more and more applications and systems are available with DNSSEC enabled by default, the vast majority of today’s applications support DNSSEC but are not DNSSEC enabled by default. Are we ready to enable DNSSEC by default in all applications and services? We are interested in presentations by implementors on the reasoning that led to enable DNSSEC by default in their product or service. We are also interested in understanding those that elected not to enable DNSSEC by default and why, and what their plans are.

3. DNSSEC Encryption Algorithms

How do we make DNSSEC even more secure through the use of elliptic curve cryptography? What are the advantages of algorithms based on elliptic curves? And what steps need to happen to make this a reality? What challenges lie in the way? Over the past few months there have been discussions within the DNSSEC community about how we start down the path toward adding support for new cryptographic algorithms such as Ed25519 and Ed448. At ICANN 55 in Marrakech we had a panel session that explored why elliptic curve cryptography was interesting and some high level views on what needs to happen. At ICANN 56 we are interested in presentations that dive into greater detail about what needs to be done and how we start the process. More background information can be found in this document: https://datatracker.ietf.org/doc/draft-york-dnsop-deploying-dnssec-crypto-algs/

In addition, we welcome suggestions for additional topics.

If you are interested in participating, please send a brief (1-2 sentence) description of your proposed presentation to dnssec-helsinki@isoc.org by Wednesday, 18 May 2016.

We hope that you can join us.

Thank you,
Julie Hedlund

On behalf of the DNSSEC Workshop Program Committee:

Mark Elkins, DNS/ZACR
Cath Goulding, Nominet UK
Jean Robert Hountomey, AfricaCERT
Jacques Latour, .CA
Xiaodong Lee, CNNIC
Luciano Minuchin, NIC.AR
Russ Mundy, Parsons
Ondřej Surý, CZ.NIC
Yoshiro Yoneya, JPRS
Dan York, Internet Society

Watch Live on Friday, 29 April – Kathy Brown At G7 ICT Multi-Stakeholder Conference

On Friday, April 29, you can watch leaders of the technical community, business and civil society address the G7 ICT Ministers at:

The Multi-Stakeholders Conference begins at 9:00 am Japan Standard Time (UTC+9), which is:

Dan York

Watch Live on Friday, 29 April – Kathy Brown At G7 ICT Multi-Stakeholder Conference

On Friday, April 29, you can watch leaders of the technical community, business and civil society address the G7 ICT Ministers at:

The Multi-Stakeholders Conference begins at 9:00 am Japan Standard Time (UTC+9), which is:

  • midnight UTC
  • 2:00 am Central European Time
  • 8:00 pm, Thursday, April 28, Eastern Daylight Time

Internet Society President and CEO Kathy Brown will speak as part of a panel starting at 10:45 am JST. The panel topic is “Sharing common thoughts about Internet governance and cybersecurity“. The other panelists are senior executives from Hitachi, NTT and BT Security. Kathy has published her thoughts about what she will say in the session.

The full agenda for the Multi-Stakeholder Conference is available on the G7 event site.

In preparation for the session, we encourage you to read:

During the event you can also follow our tweets on @ISOCPolicy .

The post Watch Live on Friday, 29 April – Kathy Brown At G7 ICT Multi-Stakeholder Conference appeared first on Internet Society.

Facebook Messenger Launches Group Conference Calls (Audio-only)

Continuing their efforts to be THE communication platform you use, the Messenger team at Facebook rolled out "group calling" this week within the Messenger app on iOS and Android. The new feature was announced by David Marcus, head of the FB Messenger team. Right now this is audio-only (i.e. not group video) and per media reports is limited to 50 participants.

I had to go to the AppStore and upgrade the Messenger app on my iPhone to the latest version, but once I did, I suddenly had a phone icon in the upper right corner of a group chat:

FB groupcalls 1

Tapping that phone icon brought me to a screen where I could choose which of the group members I wanted to bring into the group call:

FB groupcalls 2

After tapping "Call" in the lower right, Messenger launched the call and gave me feedback about who it was connecting, etc:

FB groupcalls 3

It then connected those who were available and four of us were in a group conference call:

FB groupcalls 4

As you can see in the screen captures, I had the standard buttons to mute my microphone and to activate the speakerphone.

AUDIO QUALITY - The audio quality was quite good. I couldn't find any technical info about what they are doing "under the hood" but one of the folks on the call understood that it was WebRTC-based, which would then imply the use of the excellent Opus audio codec. We experienced a couple of audio hiccups but nothing outside the normal VoIP experience and nothing that really detracted from the call. It certainly sounded like a rich, wideband-audio connection.

We didn't stay on the call for long as I didn't want to take their time (or my own), but exiting the call was simple and brought us right back into the group chat to continue our communication.

MOBILE-ONLY - One concern noted by a couple of folks was that the incoming audio call only rang on their tablet or phone, i.e. the iOS or Android app. It did not ring inside of Facebook in a desktop web browser or in the Messenger.com website.

Beyond that, though, it seemed a very straightforward and positive experience.

Now, Facebook Messenger is not the first to do this, of course. Skype has had group audio and video calls for years. As Venturebeat noted, in March of last year Line launched group calling for up to 200 people and WeChat added group audio and video calls in September.

Still, this is Facebook Messenger, with its 900 million users, providing yet another reason to NOT use traditional audio conferencing solutions.

I would suspect, too, that video conferencing can't be too far off, either, given that Facebook Messenger currently does let you do 1:1 video calls - and also that competitors offer group video calls.

It continues to be an absolutely fascinating time to watch the severe disruption of traditional telecommunications... and this move by Facebook is yet another example of how the ways we are communicating are changing.

What do you think? Will you use the group calling within Facebook Messenger?

Asia-Pacific Job Opening: Join Internet Society Deploy360 Programme to Promote IPv6, DNSSEC, More (Featured Blog)

Do you live in the Asia-Pacific region and are interested in accelerating the deployment of key technologies such as IPv6, DNSSEC, TLS or secure routing mechanisms? If so, my Internet Society colleagues involved with the Deploy360 Programme are seeking a "Technical Engagement Manager" based somewhere in the AP region. Find out more information about the position, the requirements and the process for applying. More...

Facebook Takes On Snapchat With Launch of "Messenger Codes" To Easily Connect Users

On the eve of Facebook's major "F8 Developer Conference" happening April 12-13, the company has launched a clear attack on Snapchat's "Snapcode" method of connecting users with their new "Messenger Codes". If you go into the newest version of Facebook Messenger on iOS (which is the only platform I have to test right at this moment) and click on the gear icon in the lower right labeled "Settings", you now see a brand new profile screen:

Facebook messenger code settings

There are two things to note here:

  1. The circular shaped code around my profile image; and
  2. The new short URL of m.me/dyork which brings me to a web version of Facebook Messenger. (More on that in a different post.)

The circular code clearly reminded me of Snapchat's "Snapcode", where mine is:

Snapcode dyork

And sure enough, when I clicked on the "People" icon at the bottom of the Messenger app, the first option on the top is "Scan Code":

Facebook messenger scan code

Since I had learned about these codes via a tweet from Chris Messina, I pointed my phone at my laptop screen where his Messenger Code was visible:

Fb messenger messina

As I got closer to the code, the Messenger app automagically recognized the code and put me into a message window with Chris:

Fb messenger messina success

I didn't chat with him as I didn't have a reason to do so and I don't recall us actually meeting. But I could ... it was this easy to get connected.

In a similar way to Snapchat, from the "Scan Code" window there is a symbol in the lower left corner that lets you access your phone's photos. So if you receive a Messenger Code via some other method (such as Twitter where people are already posting their codes using the #F8 hashtag) and save that image to your photos, you can access it from the "Scan Code" page and connect with the person.

From that same "Scan Code" page you can also tap "My Code" to see your code. Here's mine:

Fb my code

I can now share that Messenger Code out through the icon in the upper right and get it out into other social services (as I did on Twitter), or via text message, email, DropBox or anything else.

(Amusingly, while I could share the image out to Snapchat, the image is shared as square and since Snapchat uses full vertical images it cropped the image... meaning that the full Messenger Code would not be displayed and presumably would not work.)

So What?

At this point you may be saying "so what?" and wondering what value this really brings.

As I wrote about last year, messaging is all about "the directory dilemma", i.e.

People will only USE a communication application if the people they want to talk to are using the application.

It's all about having the most massive directory of users and growing that directory.

As Snapchat has demonstrated, the use of these "user codes" takes away the friction of figuring out how to connect with someone.

Over the past months a number of people I know have changed their Twitter and Facebook profile images to be their Snapcode. All I need to do, then, is point Snapchat on my phone toward their image and... ta da.. I can send them a connection request. No worry trying to look up their name... or figure out which of the many "Dan Yorks" I am if they are trying to connect to me.

Simple. Easy.

In many ways it's the proprietary version of QR codes... although focused on connecting two users rather than (as is often the case with a QR code) sending you to a web page or other site.

I expect we'll start seeing people change their Twitter profile photos to include their Facebook Messenger Code.

If people do, Facebook can steal the messaging from that rival platform. If you advertise your Messenger Code as the profile on another service, you are effectively saying "I prefer to get Facebook Messenger messages".

Take away the friction of connecting and let users advertise how to connect on your messaging platform.

If I were the organizer of an event, and I wanted to use FB Messenger as my primary messaging app, I could very easily see adding my Messenger Code to the event website, or even to printed flyers that might hang in a local coffee shop, library, gym, school or wherever...

Simple. Easy.

What About Brands? Facebook Pages?

I could see a huge benefit to brands to be able to publish these Messenger Codes, particularly with the expectation of "chat bots" being unveiled at F8 this week.

Again, from Facebook's point of view, this would keep the messaging within Facebook's walled garden, and continue to keep Facebook having the biggest directory of active users.

Tonight I couldn't discover anything similar in the Pages app or any other place. But you would think it would be coming... we'll have to stay tuned to F8 coverage this week to find out more.

What About Messaging Spam?

But if you publish your Messenger Code everywhere, what about spam?

Another good question... and since I published my Messenger Code on Twitter, perhaps I'll find out the answer over the next day or so! :-)

Perhaps Facebook will filter them all into the "Message Requests" that was very hard to find. I don't know! I have to think they will do something to ensure Messenger doesn't descend into the spam pit as email has.

How Else Can Messenger Codes Be Used?

We'll have to see what they tell us at the "F8 Developer Conference" this week... stay tuned!

What do you think about these Messenger Codes? Do you think it will help in connecting you with people? Will your promote your code? Or do you think it is all a waste of time? Let me know in the comments or on social media...