Just a guy in Vermont trying to connect all the dots...
Dan York
Author's posts
May 22
Video: My Discussion of DNSSEC and DANE with VoIP / SIP on The VUC
What role could DNSSEC potentially play to help better secure voice-over-IP (VoIP)? How could the DANE protocol help provide a stronger level of security to SSL/TLS certificates used in VoIP? What VoIP software out there right now works with DNSSEC?
Back on May 3, 2013, I participated in a VoIP Users Conference (VUC) call on precisely these questions. In the call that went for close to 90 minutes I outlined what DNSSEC and DANE are all about, how they work in a web browser world and how they could potentially work in a world of VoIP with SIP. We also discussed the current support for DNSSEC in the Jitsi softphone and the Kamailio SIP server. There was also a healthy question and answer period where we went off on different tangents. I referenced a presentation I made at SIPNOC 2013 and the slides for that presentation as well as other resources are available from the Deploy360 DNSSEC and VoIP page.
It was a great call and the video is available on YouTube:
If you want to just listen to the audio, you can play or download it from the VUC episode page.
If you found this post interesting or useful, please consider either:
- following me on Twitter;
- adding me to a circle on Google+;
- following me on App.net
- subscribing to my email newsletter; or
- subscribing to the RSS feed
May 21
TDYR #008 – The Moore Tornado And The Internet As A Powerful Tool For Organizing In Times Of Crisis
The horrific tornado in Moore, Oklahoma, yesterday was another example of where the Internet can play a powerful role in helping organize efforts in the face of a crisis. Here are some of the links I mention in the episode:
http://www.humanityroad.org/situation-report
https://moore.recovers.org/
http://google.org/crisismap/2013-oklahoma-tornado
https://www.facebook.com/cityofmoore
https://twitter.com/cityofmoore
My thoughts are certainly with all of those affected by this terrible disaster.
May 21
Switzerland Edges Out Romania As Top In IPv6 Adoption (via Google)
By way of a message to the “ipv6-ops” mailing list this morning we learned the fun fact that according to Google’s IPv6 Statistics Switzerland has edged out Romania as the country with the most IPv6 adoption coming in at 9.47% versus Romania at 8.63%.
Given that Romania has held the lead in IPv6 adoption for quite some time, as shown in Eric Vyncke’s comparison stats, the rise by Switzerland is quite interesting to see.
I’ll note that some of the other IPv6 statistics sites do not yet show Switzerland with the same percentage as Google, but this may have to do with both methodology and timing. For instance, Eric Vyncke’s web browser comparison uses Google’s data and so tomorrow may show the higher percentage given that today it says it is based on yesterday’s data. Regardless of the exact measurements, Eric’s chart for Switzerland shows the dramatic climb, as does a chart from APNIC using a different measurement system.
As to why the jump in IPv6, a message to the ipv6-ops list indicated that the carrier Swisscom has been turning on IPv6 and this is backed up by APNIC’s stats for Swisscom.
Kudos to the team at Swisscom who is making IPv6 available! It’s great to see… and now we look forward to seeing how long Switzerland will retain this lead – or what country will be next to take the leadership crown in IPv6 adoption.
May 20
FIR #704 – 5/20/13 – For Immediate Release
Amsterdam conference report, more B2B Huddle talks are up, Attenzi book review is up; Quick News: Vine videos shared four times more than viral videos, IABC's CW magazine goes digital only, the state of social media advertising, Atlantic Media's next digital only venture; Ragan promo; News That Fits: BYOD focus, Yahoo acquires Tumblr, what happens when old crises resurface?, Media Monitoring Minute from CustomScoop, listener comments, social and digital agencies will vanish in a decade, Dan York and Bernie Goldbach report, Google Plus evolves, native advertising and the future of journalism; how to comment; music from DJ YRS Jerzy Ft. Chox-Mak; and more.
May 20
TDYR #007 – Reflections On Galway And Travel In Ireland
Some reflections and thoughts about travel in Ireland and in particular the Galway region. I was in Ireland in May 2013 to attend a conference in Dublin and then spent 4 more days exploring the country with my wife.
May 19
Two Years Of Cancer – The Other Reason For The Trip To Ireland
Beyond the fact that I had a conference in Dublin, Ireland, there was a second and much more powerful reason why my wife accompanied me on this trip. You see, it was two years ago on May 16th when a doctor told us that Lori had cancer.
It was in July 2011 when she had her surgery and it was shortly after that when they told us she had invasive cancer and would need chemo and much more... but the date of May 16 will be forever remembered by us as the day that everything changed.
To say that it's been two years of hell would be a mild understatement - and I've written about much of the trials of the first year as well as the subsequent treatment with Herceptin.
At this stage, the treatment continues - she has four more years of daily Tamoxifen pills with all the glorious fun of chemically-induced menopause, joint pain, ongoing fatigue and all the other side effects. As a spouse of someone going through it all, it's very tough to watch all that she is going through - all with the hope that it will be enough to keep her cancer away.
So on May 16th, we left my conference in Dublin behind and set out to explore Ireland and see what we could see... no plans, no schedules and not even any hotel rooms. Just the two of us and a rental car.
Each day we continue to seek out "the new normal", whatever that is, and to learn to live with this very unwelcome guest in our lives. This trip was our way to celebrate a dark anniversary and say in our own way that we will not let cancer win.
May 15
Slides from RIPE66: Making an Application Fully IPv6 Compliant
Today at the RIPE66 meeting in Dublin, Ireland, Bert Hubert of PowerDNS fame gave a great presentation about “Making an application fully IPv6 compliant“:
The video and audio for the session should be available soon. I very much enjoyed Bert’s presentation and he had a few points that I will think about adding to the next version of the book. One specific point is around collecting statistics. Bert noted that in IPv4 you again typically only have one IP address to worry about for each connection, while in IPv6 you may have many different IP addresses for a connection (or you could have). And so you may need to think about your storage of all that statistics information.
I only had two minor quibbles with Bert’s slides:
- On slide 11, Bert suggests there could be several different ways of displaying IPv6 addresses with port numbers. As I stated in the question time, RFC 5952 states that it should be Bert’s choice “a”.
- On the issue of how to choose whether to use the IPv6 or IPv4 interface, the “Happy Eyeballs” technique defined in RFC 6555 is one that many developers are now using.
Overall, I was very glad to see Bert’s presentation out there as we need to have more such presentations helping application developers think about these issues of migrating to IPv6.
P.S. If you want to easily refer people to Bert’s slides, he provided the very easy URL of:
May 15
Slides from RIPE66: Making an Application Fully IPv6 Compliant
Today at the RIPE66 meeting in Dublin, Ireland, Bert Hubert of PowerDNS fame gave a great presentation about “Making an application fully IPv6 compliant“:
The video and audio for the session should be available soon. I very much enjoyed Bert’s presentation and he had a few points that I will think about adding to the next version of the book. One specific point is around collecting statistics. Bert noted that in IPv4 you again typically only have one IP address to worry about for each connection, while in IPv6 you may have many different IP addresses for a connection (or you could have). And so you may need to think about your storage of all that statistics information.
I only had two minor quibbles with Bert’s slides:
- On slide 11, Bert suggests there could be several different ways of displaying IPv6 addresses with port numbers. As I stated in the question time, RFC 5952 states that it should be Bert’s choice “a”.
- On the issue of how to choose whether to use the IPv6 or IPv4 interface, the “Happy Eyeballs” technique defined in RFC 6555 is one that many developers are now using.
Overall, I was very glad to see Bert’s presentation out there as we need to have more such presentations helping application developers think about these issues of migrating to IPv6.
P.S. If you want to easily refer people to Bert’s slides, he provided the very easy URL of:
May 15
TDYR #006 – At RIPE66 In Dublin Talking IPv6 And DNS/DNSSEC
This week I have been in Dublin, Ireland, at the DNS-OARC and RIPE66 meetings meeting people and talking all about IPv6 and DNS / DNSSEC. It has been a great week and this is a quick report from the site. You can get the slides and archives from:
http://www.dns-oarc.net/
http://ripe66.ripe.net/
May 14
Watch LIVE Today – RIPE66 Panel On Routing Resiliency
In about 90-ish minutes, during the session block from 16:00-17:30 local time in Dublin, Ireland, our Internet Society colleague Andrei Robachevsky will be co-moderating a panel about routing resiliency and anti-spoofing of routes and IP addresses. You can watch and listen live at:
As noted in the RIPE 66 Meeting Plan, the panel comes after two talks related to DNS security (that also look quite interesting). The session block starts at 16:00 – we expect the panel will probably start somewhere between 16:30 – 17:00.
A description of the panel is:
Panel: Seven Years of Anti-Spoofing: What Happened Since the RIPE Task Force and What Still Needs to be Done
Tuesday, 14 May, in the 16:00-17:30 block
This panel of network operators, security experts and vendors to dive into the issue of spoofed IP addresses and how they contribute to Distributed Denial-of-Service (DDoS) attacks. Given that there are known mitigation approaches such as BCP 38, why are DDoS attacks still so common? What can the larger operator community be doing to combat IP spoofing?
This session is extremely relevant to the new Routing Resiliency/Security section of the site that we are seeking to build out, so we’ll definitely be listening to the conversations and feedback.
FYI, if you would like to reach either Jan Zorz or I to meet with us while we are here at RIPE66, please send us an email at deploy360@isoc.org.
