Articles about ietf

Web browsers sharpen knives for TLS 1.0, 1.1, tell protocols to dig their own graves for 2019

Sysadmins and netizens, it's time to get serious about killing off old, buggy and insecure versions of Transport Layer Security (TLS) – the encryption used to secure connections to HTTPS websites like your bank, El Reg, and so on. For one thing, web browser makers are laying out coordinated deprecation plans, meaning if your …
Two baby boys playing with sand in a sandbox

Google and Microsoft boffins playing nicely together to stop replay attacks in their tracks

Google and Microsoft engineers have pooled their efforts to propose a protection against what are known as "replay attacks". These occur when an attacker steals something like a victim's OAuth token and uses it to impersonate them to access otherwise secured resources. The Token Binding Protocol is the next instalment in the …
Cthulu emerges from a printer. Image created by illustrator Andy Davies. Copyright: The Register

Ever used an airport lounge printer? You probably don't know how blabby they can be

Privacy consultant and former Internet Architecture Board president Christian Huitema has said he reckons hotspot users should be given better privacy protection. In an informational draft for the Internet Engineering Task Force published yesterday, Huitema explained that DNS Service Discovery (DNS-SD), the protocol that lets …
Man with headphones intercepts data

No D'oh! DNS-over-HTTPS passes Mozilla performance test

As the DNS-over-HTTPS (DoH) secured domain querying draft creeps towards standardisation, Mozilla has run a test to see if applying encryption brings too heavy a performance penalty. One somewhat-surprising outcome: for some queries, performance improved using DoH. As Mozilla discusses here, run-of-the-mill DNS requests over …
Old wizard in snowy forest

Elders of internet hash out standards to grant encrypted message security for world+dog

While law enforcement continues its worldwide crusade against chat apps with end-to-end encryption, the Internet Engineering Task Force has proposed standards designed to let everybody have message security. One Internet Draft describes the requirements for Message Layer Security (MLS); the other is an MLS protocol standard. …
cry

It's official: TLS 1.3 approved as standard while spies weep

An overhaul of a critical internet security protocol has been completed, with TLS 1.3 becoming an official standard late last week. Describing it as "a major revision designed for the modern Internet," the Internet Engineering Task Force (IETF) noted that the update contains "major improvements in the areas of security, …
Kieren McCarthy, 13 Aug 2018
Woman with red roses and coffin at funeral in church

NSA's crummy crypto crop Suite B binned, and other network nuggets

Over at the Internet Engineering Task Force, a notorious piece of history is being consigned to... well, history. This Request for Comment, RFC 8423, reassigns a bunch of specs that were authored or co-authored by American intel bods at the National Security Agency (NSA) to "Historic Status". The RFCs in question are the NSA' …
Security of IoT

If you're serious about securing IoT gadgets, may as well start here

Can we overcome the SOHOpeless security of the Internet of Things at the home and small business level? An Internet-Draft from Ericsson engineer Mohit Sethi suggests so. Sethi's ambitious proposal isn't destined for the hall of internet standards. Instead, it sets out a possible way to get IoT gadgets connected securely to the …
Maurice Moss IT crowd

‘Elders of the Internet’ apologise for social media, recommend Trump filters to fix it

A new Internet Engineering Task Force draft proposes to apologise for social media. Issued on Monday July 16th, the draft titled “Social Media (An Apology)” is signed by “The Elders of the Internet” and opens by noting “Recently, you may have noticed a dramatic increase in the amount of opprobrium, outrage, hate speech and …
Simon Sharwood, 17 Jul 2018
DNS toolkit

DNS ad-hocracy in peril as ICANN advisors mull root server shakeup

Internet overseer ICANN is considering a self-managed governance model for the world's Domain Name System root servers – and one of the outcomes could be a reduction in the number of root servers. Today, 12 companies operate the 13 DNS root servers that are used by browsers and other software to ultimately translate domain …
Person meditating on beach

Be The Packet. Take each hop it makes. Your network will repay you

Roundup Did you ever wish you had a half-a-gigabit-per-second connection you could fire up anytime, at zero cost? You can, it turns out – but only between paired Android phones. Google last week announced an upgrade to its Files Go app, which it says is particularly popular for phone-to-phone transfers in places like India as it gets …
Enigma machine Shutterstock

In non-startling news, EFF says STARTTLS email crypto is mostly done wrong

Having successfully pushed for universal HTTPS Web encryption, the Electronic Frontier Foundation's next protocol push is for “STARTTLS Everywhere”. It's testament to system administrator inertia that a protocol first published in 2002 and available in all major e-mail clients and servers is still not everybody's default. By …
Internet engineering task force logo

Net's druids thrash out specs for an independent IETF

The Internet Engineering Task Force has taken another step on its road to independence, publishing a for-discussion proposal covering its likely administrative arrangements. It's part of a process we first reported in April of this year, designed to formalise the arrangements that keep the 'net's technical standards flowing. …

It's time for TLS 1.0 and 1.1 to die (die, die)

As TLS 1.3 inches towards publication into the Internet Engineering Task Force's RFC series, it's a surprise to realise that there are still lingering instances of TLS 1.0 and TLS 1.1. The now-ancient versions of Transport Layer Security (dating from 1999 and 2006 respectively) are nearly gone, but stubborn enough that Dell …
Road at night image via Shutterstock

IETF wants packets to prove where they've been, to improve trust

Virtualization changes everything – and in the case of the routers that keep the Internet working, it's not always in a good way. Over the years, the IETF has accepted a variety of proposals that let network admins stipulate where their packets will go, under working groups like Internet Traffic Engineering and Service …
Axe Cutting Wood

IETF: GDPR compliance means caring about what's in your logfiles

Sysadmins: while you're busy getting ready for the GDPR-regulated world, don't forget what your servers are storing in their logfiles. That advice comes courtesy of a draft mulled by the Internet Engineering Task Force's Internet Area Working Group (IETF's INTAREA). The document, here, offered a handy checklist as a set of …
Internet engineering task force logo

Internet Engineering Task Force leaves home, gets own bank account

If all goes according to plan, the venerable Internet Engineering Task Force (IETF) will this week tackle a fiendishly difficult problem: standing on its own administrative feet. Today, the IETF exists as an Internet Society (ISOC) activity under a structure that is more than a decade old and needs a refresh. The IETF has …
Hangover progress bar

Hurrah! TLS 1.3 is here. Now to implement it and put it into software

The ink has dried, so to speak, on TLS 1.3, so it's time for work developing software to implement the standard to begin in earnest. As we reported last week, now that the protocol's received the necessary consensus in the IETF, implementation “will require people to put in some effort to make it all work properly.” Vulture …

Create a news alert about ietf, or find more stories about ietf.

Biting the hand that feeds IT © 1998–2018