Just a guy in Vermont trying to connect all the dots...
Dan York
Author's posts
Nov 01
Rough Guide to IETF 88: DNSSEC, DANE and DNS
On the Internet, the Domain Name System (DNS) performs the critical role of translating human-readable domain names into the underlying IP addresses needed by computers to connect. The challenge is that attackers can subvert and modify DNS messages with the result that users and applications can be directed to wrong (and potentially malicious) sites. In response to this threat, the IETF community created DNS Security Extensions (DNSSEC), which is now being deployed across the Internet.
Dan York
Oct 31
7 Of The Many Sessions About IPv6 Next Week At IETF 88
The great news for IPv6 advocates about IETF 88 in Vancouver next week is that IPv6 is everywhere! All throughout the IETF 88 agenda you can find IPv6 in various different groups. IPv6 is definitely “the new normal” and that shows!
Our colleague Phil Roberts posted today “Rough Guide to IETF 88: All About IPv6” where he highlights the major working groups that are tackling IPv6 topics. There is a great amount of activity going on and Phil’s post gives a good sense of the range of work. You can expect to find our Deploy360 team in pretty much all of these working groups monitoring what’s going on and contributing where appropriate.
To Phil’s excellent list of Working Group sessions related to IPv6 I’d add only one more that is important from a deployment/operationalization point of view. The OPSEC Working Group has two drafts on its agenda that are both focused on IPv6 security. With that, here is a list of some of the major groups doing IPv6 work next week… as I mentioned, you wind up finding IPv6 across all the many different groups, but here are some of the major ones.
NOTE: If you are not going to be in Vancouver next week, there are multiple ways that you can participate remotely in these working groups, including audio streams and Jabber chat rooms.
- v6ops (IPv6 Operations) WG
Agenda: https://datatracker.ietf.org/meeting/88/agenda/v6ops/
Charter: https://datatracker.ietf.org/wg/v6ops/charter/
(4 November 2013, 1740-1940, 6 November 1300-1500)
- 6man (IPv6 Maintenance) WG
Agenda: https://datatracker.ietf.org/meeting/88/agenda/6man/
Charter: https://datatracker.ietf.org/doc/charter-ietf-6man/
(4 November 2013, 0900-1130)
- 6lo (IPv6 over Networks of Resource Constrained Nodes) WG
Agenda: https://datatracker.ietf.org/meeting/88/agenda/6lo/
Charter: https://datatracker.ietf.org/doc/charter-ietf-6lo/
(5 November 2013, 1610-1840)
- sunset4 (Sunsetting IPv4) WG
Agenda: (not yet posted)
Charter: http://tools.ietf.org/wg/sunset4/charters
(7 November 2013, 1520-1720)
- homenet (Home Networking) WG
Agenda: https://datatracker.ietf.org/meeting/88/agenda/homenet/
Charter: https://datatracker.ietf.org/doc/charter-ietf-homenet/
(7 November 2013, 0900-1130)
- 6tisch (IPv6 over TSCH mode of 802.16e4)
Agenda: https://datatracker.ietf.org/meeting/88/agenda/6tisch/
Charter: https://datatracker.ietf.org/doc/charter-ietf-6tisch/
(5 November 2013, 1420-1550)
- opsec (Operational Security) WG
Agenda: https://datatracker.ietf.org/meeting/88/agenda/tcpm/
Charter: https://datatracker.ietf.org/wg/tcpm/charter/
(6 November 2013, 1550-1650)
Oct 31
Bruce Schneier to Speak About Internet Surveillance at IETF 88 Technical Plenary Next Week (Featured Blog)
How do we harden the Internet against the kinds of pervasive monitoring and surveillance that has been in recent news? While full solutions may require political and legal actions, are there technical improvements that can be made to underlying Internet infrastructure? As discussed by IETF Chair Jari Arkko in a recent post on the IETF blog, "Plenary on Internet Hardening", the Technical Plenary at next weeks IETF 88 meeting in Vancouver, BC, Canada, will focus on this incredibly critical issue. More...
Oct 31
TDYR #045 – Hardening The Internet Against Surveillance – IETF 88 Technical Plenary Next Week
What can be done to harden the Internet against large-scale surveillance and pervasive monitoring? That will be the topic of the Technical Plenary next Wednesday, Nov 6, at the IETF 88 meeting in Vancouver. In this episode I talk about the upcoming event and why this is so important. Some relevant links:
http://www.circleid.com/posts/20131031_bruce_schneier_to_speak_about_internet_surveillance_at_ietf_88/
http://www.ietf.org/blog/2013/10/plenary-on-internet-hardening/
http://www.ietf.org/live/
https://www.ietf.org/mailman/listinfo/perpass
Oct 31
Video Interview: Why Use Knot DNS For DNS And DNSSEC?
What is the “Knot DNS” server all about and why would you want to use it versus one of the other DNS servers supporting DNSSEC? At the recent ENOG 6 event in Kiev, Ukraine, I had a chance to speak with Jaromir Talir from CZ.NIC Labs and the resulting video interview can be found below. If you are interested in checking out the software, you can visit:
The software is available pre-packaged for several versions of Linux as well as in source-code form.
Here is my interview with Jaromir (and I apologize to Jaromir for repeatedly calling his organization by its domain “nic.cz” instead of by the organization’s name of “cz.nic”):
Prior to this interview, Jaromir had spoken on stage at ENOG 6 in more detail about Knot DNS. His ENOG 6 slides about Knot DNS are online and a video recording of his presentation is available:
It’s great to see a new entrant into the field of DNS name servers. While the existing servers are very rock solid, it’s always great to see new people coming in with new ideas and new tools. As Jaromir says in the interview, having diversity among your servers can be a good practice. I’d encourage you to go check out Knot DNS and let Jaromir and the CZ.NIC team know what you think of it!
Oct 31
Knot DNS
Knot DNS is an authoritative DNS name server that can be used to serve out zone records and includes support for DNSSEC and DANE. One of the key design goals is to provide simple DNSSEC support for dynamic DNS. Knot DNS is developed by the team at CZ.NIC and can be found at:
It is available pre-packaged for several versions of Linux and also as source code as a release or directly from a git repository.
Knot DNS is highly scalable and used by CZ.NIC for the operation of the .CZ TLD. It was developed with the target audience of network operators and DNS operators in mind but can be used by anyone needing to serve out DNS records.
For an overview of Knot DNS, you can view this short video interview with Jaromir Talir of CZ.NIC:
Prior to this interview, Jaromir had spoken on stage at ENOG 6 in Kiev, Ukrain, in more detail about Knot DNS. His ENOG 6 slides about Knot DNS are online and a video recording of his presentation is available:
Oct 30
4 Sessions About Routing Resiliency/Security At IETF 88 Next Week
Next week at IETF 88 in Vancouver the topic of routing resiliency/security will be covered in a variety of different working groups. Our colleague Andrei Robachevsky outlined what will be covered in a post on the “Internet Technology Matters (ITM)” blog: Rough Guide to IETF 88: Routing Resilience. We’re looking forward to those sessions and you can expect to find me in most of them. My particular interest is in what is happening within SIDR right now, but in truth all of them should be interesting.
I’d strongly suggest reading Andrei’s post to understand what’s going to be going on with routing. Here are the relevant working groups and times.
NOTE: If you are not going to be in Vancouver next week, there are multiple ways that you can participate remotely in these working groups, including audio streams and Jabber chat rooms.
- sidr (Secure Inter-Domain Routing) WG
Agenda: https://datatracker.ietf.org/meeting/88/agenda/sidr/
Charter: https://datatracker.ietf.org/wg/sidr/charter/
(5 November 2013, 0900-1130)
- grow (Global Routing Operations) WG
Agenda: https://datatracker.ietf.org/meeting/88/agenda/grow/
Charter: https://datatracker.ietf.org/wg/grow/charter/
(5 November 2013, 1300-1400)
- opsec (Operational Security) WG
Agenda: https://datatracker.ietf.org/meeting/88/agenda/tcpm/
Charter: https://datatracker.ietf.org/wg/tcpm/charter/
(6 November 2013, 1550-1650)
- idr (Inter-Domain Routing Working Group) WG
Agenda: https://datatracker.ietf.org/meeting/88/agenda/idr/
Charter: https://datatracker.ietf.org/wg/idr/charter/
(8 November 2013, 0900-1100)
Oct 30
Finally! Google+ Starts Rolling Out Custom URLs To Regular Users
https://plus.google.com/+DanYork/One of the supreme annoyances of using Google+ has been the horribly ugly long URLs you have had to use for your profile. You couldn't give people an easy URL to find you on the service and there was no way that normal people would realistically remember the long numbers. Google rolled out "custom URL" support for some brands and celebrities earlier but all of us "regular users" were left with the ugly URLs.
That changed yesterday and was noted with a post on Google+, "Expanding the availability of custom URLs". Tipped off to the change by Neville Hobson's post on G+, I went into my Google+ profile and nicely found this message waiting for me at the top of the page
I was delighted to see that "+DanYork" was being offered to me and so I clicked the "Get URL" button to see this screen:
One more click brought me to a confirmation screen nothing that I can't change the URL or transfer it to anyone else:
And that was it! My Google+ profile now is at https://plus.google.com/+DanYork/.
Very cool to see and this will definitely make it so much easier to refer people to my profile on the service (and therefore will make it much easier for people to find me and use Google+).
Now, what I really want is this kind of custom URL for my Google+ Pages, and I'm seeing from comments on G+ that some people have this for their pages already. The post from Google says the criteria for custom URLs will be:
If your profile meets the following criteria, you’ll now be able to claim a custom URL:
- Has a profile photo, and
- Has at least 10 followers, and
- Has an account that's at least 30 days oldMeanwhile, any brand or business that has a linked website or is a verified local business can claim a custom URL for their Google+ page.
I do have linked websites for some of my Google+ Pages ... but I'm not yet seeing the option to get a custom URL. As Google indicates, this feature is being rolled out this week, so hopefully I'll see it soon.
I've been using Google+ a great amount these days, and so I'm thrilled to see this new feature that will make it much easier to find people and to refer people to my profile and content.
What about you? Have you been offered a custom URL on Google+ yet? Have you claimed it?
If you found this post interesting or useful, please consider either:
- following me on Twitter;
- adding me to a circle on Google+;
- following me on App.net;
- subscribing to my email newsletter; or
- subscribing to the RSS feed.
Oct 30
Linphone On iOS Now Supports The Opus Codec
I've written before about why the Opus code is so incredibly important if we want to truly deliver a richer and better communications experience than we've had with the traditional PSTN and so it is great to see this support coming in to Linphone. Linphone is certainly not the first SIP softphone to support Opus - there are a number of others out there, including Jitsi and Counterpath's Bria (and X-Lite) - but it's definitely great to see another softphone added to the mix. Hopefully we'll also see this Opus support move to the desktop versions of Linphone (for Windows, OS X and Linux) as well.
Congrats to the Linphone team on making this happen!
P.S. Linphone also supports IPv6, ensuring that it will continue to work on all future networks.
Related Posts
- Why The Opus Codec Matters - Even If You Don't Care About Audio (also here)
- Audio: TDYR #025 - Why The Opus Codec Matters
If you found this post interesting or useful, please consider either:
- following me on Twitter;
- adding me to a circle on Google+;
- following me on App.net
- subscribing to my email newsletter; or
- subscribing to the RSS feed
