Just a guy in Vermont trying to connect all the dots...
Dan York
Author's posts
Mar 08
DNSSEC Discussion In DNSOP Working Group At IETF86 Next Week
At the 86th meeting of the Internet Engineering Task Force (IETF) next week in Orlando there is one primary working group where DNSSEC will be discussed, the DNSOP (DNS Operations) working group. As noted in our recently-published “Rough Guide To IETF 86′s Hot Topics“, DNSOP develops guidelines for the operation of DNS software servers and the administration of DNS zone files. It also documents DNSSEC operational procedures and looks at DNS-related IPv6 transition and coexistence issues.
The meeting is on Thursday, March 14, from 17:30 – 18:30 US Eastern time. The agenda and working group charter are:
Agenda: https://datatracker.ietf.org/meeting/86/agenda/dnsop/
Charter: https://datatracker.ietf.org/doc/charter-ietf-dnsop/
There are two major DNSSEC-related documents being discussed. First is draft-livingood-negative-trust-anchors, an interesting idea about how to use a “Negative Trust Anchor” to indicate within the DNSSEC-validating resolver that you want to accept DNS records for a given domain even if the DNSSEC-validation cames back as bad. The primary use case for this is when there is a breakage of the DNSSEC chain of trust caused by, for instance, accidentally letting a key expire for a domain. This idea came about from the team at Comcast when they dealt with issues like the nasa.gov key expiration. It’s intended as a temporary measure that administrators can use while we are getting more DNSSEC deployed and the tools and processes are still evolving.
The second document is draft-kumari-ogud-dnsop-cds, a new draft that proposes a method of solving the dilemma of how to communicate a new Key Signing Key (KSK) to the parent domain using DNS itself. This issue has been an ongoing challenge that has been in need of simplification – and this approach is one such proposal. The mechanism, though, has proven to be quite contentious with a large volume of email to the dnsop mailing list. It should generate quite an interesting discussion in the DNSOP meeting!
There may be a few other DNSSEC-related documents floating around in other working groups, but the DNSOP group on Thursday will be the major location of DNS-related discussion at this IETF 86 meeting. Other DNS-related working groups such as DANE and DNSEXT chose not to meet as their work has been going on through the mailing lists and did not require a face-to-face meeting this time.
Note that if you can’t participate in person, there are several ways to participate remotely via audio, Jabber chat, WebEx and MeetEcho.
P.S. 3 of the 4 DO Team members will be at IETF 86 next week – please do say hello if you are there!
Mar 07
IPv6 Sessions at IETF 86 Next Week
The 86th meeting of the Internet Engineering Task Force (IETF) is happening next week in Orlando and if you are interested in IPv6, there are quite a number of working groups where IPv6 will be discussed. Our recently-published “Rough Guide To IETF 86′s Hot Topics” highlights three of the IPv6 groups:
v6ops (IPv6 Operations) WG
Joel Jaeggli is now an AD and John Brzozowski is taking over his job as WG chair along with Fred Baker. One draft to be discussed is draft-mlevy-v6ops-auto-v6-allocation-per-asn that led to some interesting discussions on the mailing list about the assertion that this draft enables networks to bypass the Regional Internet Registries (RIRs) in getting IPv6 space. It will be interesting to see whether this progresses or is discussed at the WG meeting during IETF 86.
There was a call for adoption of draft-binet-v6ops-cellular-host-requirements as a working group document. Most comments were in favor but there were a couple of articulate opponents. Many of the supporters are people working for adoption of v6 in mobile networks – mostly mobile operators.
Agenda: https://datatracker.ietf.org/meeting/86/agenda/v6ops/
Charter: https://datatracker.ietf.org/wg/v6ops/charter/
(11 March 2013, 1300-1530; 13 March 2013 1510-1710)
————–
6man (IPv6 Maintenance) WG
The 6man Working Group is charged with the maintenance, upkeep and advancement of the IPv6 protocol specifications and addressing architecture, which is especially relevant as IPv6 begins to be deployed around the world at scale this year. A lot of the mailing list discussion since the last IETF meeting has been around the use of the U-bit and G-bit in the IPv6 iid as outlined in draft-carpenter-6man-ug. This draft hopes to clarify the use of these bits.
Agenda: https://datatracker.ietf.org/meeting/86/agenda/6man/
Charter: https://datatracker.ietf.org/doc/charter-ietf-6man/
(15 March 2013, 1120-1220, 1230-1330)
————–
sunset4 (Sunsetting IPv4) WG
sunset4 is a new working group in the Internet Area. The working group is an addresses the fact that the Internet is still largely IPv4, but in the presence of address exhaustion it cannot continue to be the Internet that we know today. The Internet will transition to IPv6 but there will be an interval where the Internet’s performance degrades as more coping mechanisms are adopted and before a complete transition to IPv6. This working group hopes to develop techniques to mitigate some of that pain. Sunset4 has a new charter proposed since the last IETF meeting, but it has not been approved. There has been little activity on the mailing list since IETF 85.
Agenda: https://datatracker.ietf.org/meeting/86/agenda/sunset4/
Charter: https://datatracker.ietf.org/doc/charter-ietf-sunset4/
(13 March 2013, 1300-1500)
Beyond those working groups, given that IPv6 is “the new normal” it can be found throughout many other groups, including:
- behave (NAT)
- homenet (home networking)
- opsec (Operational Security – all about IPv6 this time)
- mif (multiple interfaces)
- softwire
IPv6-related drafts will also appear in a range of other working groups. Should be some excellent discussions and we’re looking forward to seeing progress made on a number of different drafts.
Note that if you can’t participate in person, there are several ways to participate remotely via audio, Jabber chat, WebEx and MeetEcho.
Mar 06
Every Minute You Spend Consuming Content Is A Minute You Are Not Creating Content
Or you could be reading this article... or liking posts on Facebook... or interacting with people on Twitter or Google+... or watching the latest video on YouTube that-you-absolutely-MUST-see-because-it's-so-amazing... or watching that series everyone is talking about on Netflix or commercial TV...
In every moment, you have a choice:
Every minute you spend consuming content is a minute you are not creating content.
Do you read this article? Or do you create a new article that feeds your sites and social networks?
Do you spend time interacting with content other people create on social networks? Or do you create new content that you share out onto social networks?
Obviously, the key is... balance.
We all like - and need - to consume content. We learn by reading, hearing and viewing the articles, podcasts and videos that are out there. We are inspired and amused and delighted and saddened and angered... and every other emotion. We deepen our friendships (and meet new people) by interacting with content created by others.
In fact, sometimes we may need to consume content, in order to create new content of our own. We may need to read articles to research a topic we want to write about - or we may want to read other points of view to bring depth to our own article. Or our own new content may be a "curation" of other content with perhaps added commentary for context - and so we need to be a consumer of content in order to create the new content.
Consuming content may in fact be an important part of the creative process.
BUT... if consuming is all we do... then we are not adding to our own online presence. We are not building our own online reputation through the material we create. We are not providing our own content that others can share. We are not out there telling our own stories and sharing our own information. We are not helping people learn and grow from our experience and knowledge.
Are you just a consumer? Or are you a creator?
Consume? Create?
In every moment, you have a choice... choose wisely.
P.S. A month or so ago, I recorded an audio commentary on a similar topic that you may also enjoy:
UPDATE: After a comment by Alan Percy on Facebook related to this post, I added the paragraph "In fact, sometimes..." and the following one-line paragraph to clarify that consumption may very well be part of the creative process... but again, it is finding the balance.
If you found this post interesting or useful, please consider either:
- following me on Twitter;
- adding me to a circle on Google+;
- following me on App.net;
- subscribing to my email newsletter; or
- subscribing to the RSS feed.
Mar 04
ISC’s “IPv6 Security Focus Month” Begins
As we mentioned previously, the handlers at the SANS Institute’s “Internet Storm Center (ISC)” have indicated that March will be their “IPv6 Focus Month”. To that end, they’ve started off the month with a list of IPv6 resources they have previously published at the ISC and their list does include some great content (some of which we’ll probably add links to as “resources” here on the site):
- IPv6 videos (I particularly like their demo of “Happy Eyeballs”)
- an IPv6 pocket reference guide / cheat sheet
- a list of all past ISC diary entries related to IPv6
It’s great to see this information coming out of SANS – and we look forward to seeing what other IPv6 security stories and tools they write about during this month.
Mar 04
FIR #693 – 3/4/13 – For Immediate Release
Congratulations Steve Rubel on new Edelman gig; Civility book review coming; B2B Huddle set for May 2, FIR will podcast keynotes; FIR listener discount to London conference; Quick News: most brands using Instagram, the return of sweetness, the first Vine press release, Google explains how search works; Ragan promo; news That Fits: Yahoo's telecommuting announcement, Dan York's report, agency pop-up stores, Media Monitoring Minute from CustomScoop, listener comments, Google Plus gets important, Michael Netzley's Asia report, Dell's real-time intelligence tool; music from Second Saturday; and more.
Mar 01
Geoff Huston Unravels An IPv6 Bug Involving Apple Mail And Microsoft Exchange
Geoff Huston at APNIC Labs published today a fascinating and very well-documented exploration of why he was having occasional seemingly random problems sending email from his Apple Mail program via APNIC’s Microsoft Exchange Server.
It’s such a good read that I’ll not spoil the story, other than to say it is a good example of the kinds of things application developers need to be thinking about with regard to how they work with IPv6 addresses!
Thanks to Geoff and his colleagues for publishing such a thorough write-up from which we all can learn.
Mar 01
The International Space Station’s Canadian Music Video Collaboration – and Google+ Hangout (Featured Blog)
As much as we talk here about the inner workings of the Internet's infrastructure, there are times when you have to just sit back and look at how incredibly cool some of the things are that are enabled by the Internet. For example, last week I was delighted to stumble across this excellent music video collaboration between the International Space Station's Canadian commander Chris Hadfield, the Canadian band Barenaked Ladies along with a Canadian student choir. More...
Mar 01
Going on VUC Podcast Today – And A Few More Name Ideas
Going on VUC Podcast Today - And A Few More Name Ideas by Dan York
Feb 28
Is The “VoIP” in “VoIP Security” Still The Right Term?
Should we still be talking about “VoIP security”? Or should we be using some other language?
Back when we started VOIPSA in 2005, “voice over IP (VoIP)” was the term we all were using, but as we look at what kind of activities come next, we’re starting to wonder if we should be talking about “communications security” a bit differently.
For starters, in the past 8 years we’ve moved far beyond simply “voice” into video over IP, text messaging over IP, data sharing over IP… all within a single communications session. Is that still “VoIP”?
Beyond that, we’ve seen a range of other terms coming into usage, including:
- unified communications (UC)
- real-time communications (RTC)
- cloud communications
- IP communications
and many more. Plus new technologies are out that have pushed “VoIP” beyond its traditional proprietary protocols and the open standard of the Session Initiation Protocol (SIP). We’ve seen the strong emergence of XMPP (Jabber) and its related “Jingle” protocol. We’ve seen the explosion of interest in the WebRTC / RTCWEB protocols and tools.
Are all of those “VoIP”? Or are they something more?
Should we be talking about…
- UC security?
- real-time communications security?
- IP communications security?
Or perhaps just plain old “communications security”? (or is that too generic?) I’ve seen some people talking about “SIP security”, but now that is specific to a single protocol.
Or is “VoIP security” still an okay term to use?
What do you think? What do you use? What do you hear vendors and others using? How should we be talking about securing all these many ways we have to communicate now over IP networks?
Please do let us know either as comments here or out on social networks. (Thanks!)
