SlideShare a Scribd company logo

Internet Standards - The IETF

RIPE NCC
RIPE NCC

Presentation given by Mirjam Kühne at MEAC-SIG 2019, Rabat, Morocco on 9 July 2019.

Technology
1 of 30
Download to read offline
Mirjam Kühne | MEAC-SIG 2019, Rabat, Morocco | July 2019 Internet Standards - The IETF Mirjam Kühne, RIPE NCC, Senior Community Builder
IETF Internet Engineering Task Force
Mirjam Kühne | MEAC-SIG 2019 | July 2019 • The Mission of the IETF is to make the Internet work better by producing high quality, relevant technical documents that influence the way people design, use, and manage the Internet. (RFC 3935) • Loosely self-organised group of people who contribute to the engineering and evolution of Internet technologies (The Tao) The IETF mission
Mirjam Kühne | MEAC-SIG 2019 | July 2019 • A Standards Development Organisation (SDO) - Focus on Internet technologies: email, ftp, http, dns - Other SDOs: ITU, IEEE, ETSI, W3C • No formal membership - People participate as individuals • No formal voting (instead: humming) • No formal government role - Driven by market adoption The IETF is a little different ..
Mirjam Kühne | MEAC-SIG 2019 | July 2019 IETF culture
Mirjam Kühne | MEAC-SIG 2019 | July 2019 • Anybody can participate • Typically network designers, operators, vendors, and researchers • Working on evolution of the Internet architecture and the smooth operation of the Internet • Pretty international Who participates in the IETF?
Mirjam Kühne | MEAC-SIG 2019 | July 2019 IETF participation !7
Mirjam Kühne | MEAC-SIG 2019 | July 2019 • Technical work done in Working Groups (~ 130) • Organised by topical areas (currently 7) • Three face-to-face meetings per year - 1,000 - 1,400 participants - Good remote participation facilities • Most work done on mailing lists - Open to anybody! How does it work?
Mirjam Kühne | MEAC-SIG 2019 | July 2019 IETF areas !9
Mirjam Kühne | MEAC-SIG 2019 | July 2019 IETF structure !10
Mirjam Kühne | MEAC-SIG 2019 | July 2019 • IESG: Internet Engineering and Steering Group - Responsible for technical management of IETF activities • IRTF: Internet Research Task Force - Focused on longer-term research topics • IAB: Internet Architecture Board - Oversight of Internet architecture and standards process • IETF LLC: IETF Limited Liability Company - Legal home for the above; admin and fiscal support Alphabet soup
Mirjam Kühne | MEAC-SIG 2019 | July 2019 • IETF mantra: - “We reject kings, presidents and voting. We believe in rough consensus and running code.” • Consensus is achieved when all issues are addressed - But they are not all necessarily accommodated • Dissenting options are heard, but are not controlling • Humming: a way to measure consensus (anonymously) • “On Consensus and Humming in the IETF” (RFC 7282) IETF and consensus
Mirjam Kühne | MEAC-SIG 2019 | July 2019 • All IETF documents are open and freely accessible • Not all RFCs Are Standards (RFC 1796) • Categories - Proposed Standards and Full Standards - Best Current Practices (BCPs) - Informational - Experimental - Historic Requests for Comments - RFCs
Mirjam Kühne | MEAC-SIG 2019 | July 2019 • RFC Index: - https://www.rfc-editor.org/rfc- index.html - https://www.rfc-editor.org/info/ rfc8624 RFCs !14
Mirjam Kühne | MEAC-SIG 2019 | July 2019 • Hackathons • Code Sprints • BoFs • Tutorials • Plenaries Other IETF events !15
Mirjam Kühne | MEAC-SIG 2019 | July 2019 • Describes many aspects of the IETF - Especially useful for newcomers - Makes participation more productive and fun • Talks about Working Groups, Mailing Lists, Meetings, Running Code, Online Tools, BoFs and RFCs and more - https://www.ietf.org/about/participate/tao/ (recently updated) • Translations, including Arabic (2012 version) - http://www6.ietf.org/tao-translated-ar.html The Tao of the IETF
Mirjam Kühne | MEAC-SIG 2019 | July 2019 • You can participate remotely - Registration, presentation - Chat rooms - Video streaming • https://www.ietf.org/about/participate/ - How to get started - Tutorials on technical and procedural topics Remote participation
Mirjam Kühne | MEAC-SIG 2019 | July 2019 • Bottom-up, voluntary - Participation as individuals • Competitors work together to find best solution for all - Consensus via humming (anonymous) • Market decides about what becomes a standard - Sometimes multiple solution for same problem • Not a legal entity - Volunteer platform Main take-aways
Current discussions DNS and privacy
Mirjam Kühne | MEAC-SIG 2019 | July 2019 • In 1999 the IETF was working on media gateway protocols • US Law Enforcement asked the IETF to make protocols compliant with the US Communications Assistance for Law Enforcement Act (CALEA) • In the end the IETF decided not to follow this request • “IETF Policy on Wiretapping” (RFC 2804, May 2000) Some history: RFC 2804
Mirjam Kühne | MEAC-SIG 2019 | July 2019 • After Edward Snowden’s revelations, the IETF took a strong position: - “Pervasive monitoring is a technical attack that should be mitigated in the design of IETF protocols, where possible.” • Pervasive Monitoring Is an Attack (RFC 7258, May 2014) - http://www.circleid.com/posts/20190407_dns_privacy_at_ietf_104/ by Geoff Huston Some more history: RFC 7258
Mirjam Kühne | MEAC-SIG 2019 | July 2019 • Many actors seem to be looking at the DNS - To observe what we all do online and to suggest what services we can access • Can we stop DNS surveillance completely? - Probably not • But we can make it harder to collect individual profiles of activity DNS surveillance
Mirjam Kühne | MEAC-SIG 2019 | July 2019 • DNS name resolution protocol is unencrypted - Anyone can see transactions on the wire - Anyone can intercept DNS queries - And every Internet transaction starts with a DNS query • IETF DNS Private Exchange WG (dprive) - Develops mechanisms to provide confidentiality to DNS transactions - Addresses concerns surrounding pervasive monitoring (RFC 7258) Why do actors use the DNS for that?
Mirjam Kühne | MEAC-SIG 2019 | July 2019 • QNAME Minimisation (RFC 7816) - DNS resolver no longer sends the entire original query name to the upstream name server - Instead it sends only parts of the hierarchy Solutions to enhance DNS privacy (1)
Mirjam Kühne | MEAC-SIG 2019 | July 2019 • DNS over TLS - DoT (RFC 7858, RFC 8310) - TLS is a TCP ‘overlay’ that adds server authentication and session encryption to TCP - Client validates identity of server - The privacy is relative, as the recursive resolver still knows all your DNS queries - Uses port 853 - can easily be blocked by middleware - Some DNS recursive resolvers support DNS over TLS (e.g. BIND, Unbound) Solutions to enhance DNS privacy (2)
Mirjam Kühne | MEAC-SIG 2019 | July 2019 • Specialised services available to a few technical people - But that might be changing as more providers offer it by default • Can easily be blocked (port 853) • Prevents surveillance on the wire, but still shares your DNS activity with the DoT service provider - Still better than not having any encryption DoT - disadvantages
Mirjam Kühne | MEAC-SIG 2019 | July 2019 • DNS over HTTPS - DoH (RFC 8484) - Very similar to DoT, but: - Uses port 443 (HTTPS) - makes it difficult to distinguish from HTTPS traffic - Not turned on by user or ISP, but by browser or application vendor - Therefore bypasses the operating system and its settings • Could become “mainstream" service used by potentially billions of end users Solutions to enhance DNS privacy (3)
Mirjam Kühne | MEAC-SIG 2019 | July 2019 • The device-to-resolver connection is encrypted and hidden inside Web traffic • Each application can operate a different DNS resolver - DNS becomes application level services (instead of networking service) - Makes it hard to debug for your ISP • Each application gains more control over your resolver choice - Application/browser vendors can effectively dominate the Internet's namespace DoH - disadvantages
Mirjam Kühne | MEAC-SIG 2019 | July 2019 • Unencrypted vs. encrypted • Business model: ISP vs. over-the-top media (browser or app) • Distributed vs. concentrated • Local vs. remote • Trust your local ISP vs. trust remote browser vendor? • User choice vs. application’s choice - You won’t even notice Main issues around Dot and DoH
Questions Mirjam Kühne | MEAC-SIG 2019 | July 2019 mir@ripe.net @mir_ripe_labs !30

Recommended

RFC and internet standards presentation
RFC and internet standards presentationRFC and internet standards presentation
RFC and internet standards presentationNaveen Jakhar, I.T.S
 
Wireshark - presentation
Wireshark - presentationWireshark - presentation
Wireshark - presentationKateryna Haskova
 
Firewall
Firewall Firewall
Firewall Amuthavalli Nachiyar
 
Wireshark
WiresharkWireshark
WiresharkSourav Roy
 
Wireshark
WiresharkWireshark
WiresharkKasun Madusanke
 
Wireshark network analysing software
Wireshark network analysing softwareWireshark network analysing software
Wireshark network analysing softwaredharmesh nakum
 
Wireshark Traffic Analysis
Wireshark Traffic AnalysisWireshark Traffic Analysis
Wireshark Traffic AnalysisDavid Sweigert
 
Wireshark
Wireshark Wireshark
Wireshark antivirusspam
 

Recommended

RFC and internet standards presentation
RFC and internet standards presentationRFC and internet standards presentation
RFC and internet standards presentationNaveen Jakhar, I.T.S
 
Wireshark - presentation
Wireshark - presentationWireshark - presentation
Wireshark - presentationKateryna Haskova
 
Firewall
Firewall Firewall
Firewall Amuthavalli Nachiyar
 
Wireshark
WiresharkWireshark
WiresharkSourav Roy
 
Wireshark
WiresharkWireshark
WiresharkKasun Madusanke
 
Wireshark network analysing software
Wireshark network analysing softwareWireshark network analysing software
Wireshark network analysing softwaredharmesh nakum
 
Wireshark Traffic Analysis
Wireshark Traffic AnalysisWireshark Traffic Analysis
Wireshark Traffic AnalysisDavid Sweigert
 
Wireshark
Wireshark Wireshark
Wireshark antivirusspam
 
Ethernet protocol
Ethernet protocolEthernet protocol
Ethernet protocolTom Chou
 
Wireshark Basic Presentation
Wireshark Basic PresentationWireshark Basic Presentation
Wireshark Basic PresentationMD. SHORIFUL ISLAM
 
Apache web-server-architecture
Apache web-server-architectureApache web-server-architecture
Apache web-server-architectureIvanGeorgeArouje
 
Ethernet
EthernetEthernet
Ethernetsijil chacko
 
Apache ppt
Apache pptApache ppt
Apache pptpoornima sugumaran
 
HTTP Basics
HTTP BasicsHTTP Basics
HTTP Basicssanjoysanyal
 
HyperText Transfer Protocol (HTTP)
HyperText Transfer Protocol (HTTP)HyperText Transfer Protocol (HTTP)
HyperText Transfer Protocol (HTTP)Gurjot Singh
 
Firewall
FirewallFirewall
FirewallSaurabh Chauhan
 
Web servers
Web serversWeb servers
Web serversKuldeep Kulkarni
 
Packet analysis using wireshark
Packet analysis using wiresharkPacket analysis using wireshark
Packet analysis using wiresharkBasaveswar Kureti
 
Introduction to Web Programming - first course
Introduction to Web Programming - first courseIntroduction to Web Programming - first course
Introduction to Web Programming - first courseVlad Posea
 
Networking basics PPT
Networking basics PPTNetworking basics PPT
Networking basics PPTEhsan Ullah Kakar
 
Restful web services ppt
Restful web services pptRestful web services ppt
Restful web services pptOECLIB Odisha Electronics Control Library
 
Wireshark
WiresharkWireshark
Wiresharklakshya dubey
 
Wireshark course, Ch 03: Capture and display filters
Wireshark course, Ch 03: Capture and display filtersWireshark course, Ch 03: Capture and display filters
Wireshark course, Ch 03: Capture and display filtersYoram Orzach
 
Ipv4 & ipv6
Ipv4 & ipv6Ipv4 & ipv6
Ipv4 & ipv6kamran_share
 
Dns server
Dns serverDns server
Dns serverSubrata Kumer Paul
 
CCNA training 101
CCNA training 101CCNA training 101
CCNA training 101Rohan Reddy
 
Wireshark Inroduction Li In
Wireshark Inroduction Li InWireshark Inroduction Li In
Wireshark Inroduction Li Inmhaviv
 
Data Communications and Computer Networks
Data Communications and Computer Networks Data Communications and Computer Networks
Data Communications and Computer Networks Jubayer Alam Shoikat
 
Some Internet Topics: Horizontals, the IETF, and IPv6
Some Internet Topics: Horizontals, the IETF, and IPv6Some Internet Topics: Horizontals, the IETF, and IPv6
Some Internet Topics: Horizontals, the IETF, and IPv6Internet Society
 
Internet Numbers
Internet NumbersInternet Numbers
Internet NumbersRIPE NCC
 

More Related Content

What's hot

Ethernet protocol
Ethernet protocolEthernet protocol
Ethernet protocolTom Chou
 
Apache web-server-architecture
Apache web-server-architectureApache web-server-architecture
Apache web-server-architectureIvanGeorgeArouje
 
HyperText Transfer Protocol (HTTP)
HyperText Transfer Protocol (HTTP)HyperText Transfer Protocol (HTTP)
HyperText Transfer Protocol (HTTP)Gurjot Singh
 
Packet analysis using wireshark
Packet analysis using wiresharkPacket analysis using wireshark
Packet analysis using wiresharkBasaveswar Kureti
 
Introduction to Web Programming - first course
Introduction to Web Programming - first courseIntroduction to Web Programming - first course
Introduction to Web Programming - first courseVlad Posea
 
Wireshark course, Ch 03: Capture and display filters
Wireshark course, Ch 03: Capture and display filtersWireshark course, Ch 03: Capture and display filters
Wireshark course, Ch 03: Capture and display filtersYoram Orzach
 
CCNA training 101
CCNA training 101CCNA training 101
CCNA training 101Rohan Reddy
 
Wireshark Inroduction Li In
Wireshark Inroduction Li InWireshark Inroduction Li In
Wireshark Inroduction Li Inmhaviv
 
Data Communications and Computer Networks
Data Communications and Computer Networks Data Communications and Computer Networks
Data Communications and Computer Networks Jubayer Alam Shoikat
 

What's hot (20)

Ethernet protocol
Ethernet protocolEthernet protocol
Ethernet protocol
 
Wireshark Basic Presentation
Wireshark Basic PresentationWireshark Basic Presentation
Wireshark Basic Presentation
 
Apache web-server-architecture
Apache web-server-architectureApache web-server-architecture
Apache web-server-architecture
 
Ethernet
EthernetEthernet
Ethernet
 
Apache ppt
Apache pptApache ppt
Apache ppt
 
HTTP Basics
HTTP BasicsHTTP Basics
HTTP Basics
 
HyperText Transfer Protocol (HTTP)
HyperText Transfer Protocol (HTTP)HyperText Transfer Protocol (HTTP)
HyperText Transfer Protocol (HTTP)
 
Firewall
FirewallFirewall
Firewall
 
Web servers
Web serversWeb servers
Web servers
 
Packet analysis using wireshark
Packet analysis using wiresharkPacket analysis using wireshark
Packet analysis using wireshark
 
Introduction to Web Programming - first course
Introduction to Web Programming - first courseIntroduction to Web Programming - first course
Introduction to Web Programming - first course
 
Networking basics PPT
Networking basics PPTNetworking basics PPT
Networking basics PPT
 
Restful web services ppt
Restful web services pptRestful web services ppt
Restful web services ppt
 
Wireshark
WiresharkWireshark
Wireshark
 
Wireshark course, Ch 03: Capture and display filters
Wireshark course, Ch 03: Capture and display filtersWireshark course, Ch 03: Capture and display filters
Wireshark course, Ch 03: Capture and display filters
 
Ipv4 & ipv6
Ipv4 & ipv6Ipv4 & ipv6
Ipv4 & ipv6
 
Dns server
Dns serverDns server
Dns server
 
CCNA training 101
CCNA training 101CCNA training 101
CCNA training 101
 
Wireshark Inroduction Li In
Wireshark Inroduction Li InWireshark Inroduction Li In
Wireshark Inroduction Li In
 
Data Communications and Computer Networks
Data Communications and Computer Networks Data Communications and Computer Networks
Data Communications and Computer Networks
 

Similar to Internet Standards - The IETF

Some Internet Topics: Horizontals, the IETF, and IPv6
Some Internet Topics: Horizontals, the IETF, and IPv6Some Internet Topics: Horizontals, the IETF, and IPv6
Some Internet Topics: Horizontals, the IETF, and IPv6Internet Society
 
Internet Numbers
Internet NumbersInternet Numbers
Internet NumbersRIPE NCC
 
Quant - Interchain Development And Cross-Chain Protocols. BlockchainLive 2018
Quant - Interchain Development And Cross-Chain Protocols. BlockchainLive 2018Quant - Interchain Development And Cross-Chain Protocols. BlockchainLive 2018
Quant - Interchain Development And Cross-Chain Protocols. BlockchainLive 2018Gilbert Verdian
 
TFI2014 Conference Opening - ISOC Deployment & Operationalization
TFI2014 Conference Opening - ISOC Deployment & OperationalizationTFI2014 Conference Opening - ISOC Deployment & Operationalization
TFI2014 Conference Opening - ISOC Deployment & OperationalizationColorado Internet Society (CO ISOC)
 
Config Management and Data Service Deep Dive
Config Management and Data Service Deep DiveConfig Management and Data Service Deep Dive
Config Management and Data Service Deep DiveCristina Vidu
 
IETF's Role and Mandate in Internet Governance by Mohit Batra
IETF's Role and Mandate in Internet Governance by Mohit BatraIETF's Role and Mandate in Internet Governance by Mohit Batra
IETF's Role and Mandate in Internet Governance by Mohit BatraOWASP Delhi
 
About the IETF: Presentation for the University of Botswana
About the IETF: Presentation for the University of BotswanaAbout the IETF: Presentation for the University of Botswana
About the IETF: Presentation for the University of BotswanaInternet Society
 
Webinar on 1st Open Call - slideset
Webinar on 1st Open Call - slidesetWebinar on 1st Open Call - slideset
Webinar on 1st Open Call - slidesetsymbiote-h2020
 
Driving Networks Forward to the Hyper-Connected World
Driving Networks Forward to the Hyper-Connected WorldDriving Networks Forward to the Hyper-Connected World
Driving Networks Forward to the Hyper-Connected WorldQuEST Forum
 
Flink's Journey from Academia to the ASF
Flink's Journey from Academia to the ASFFlink's Journey from Academia to the ASF
Flink's Journey from Academia to the ASFFabian Hueske
 
ATMOSPHERE at HPC2018 – Fogbow: Middleware for the Federation of IaaS Cloud P...
ATMOSPHERE at HPC2018 – Fogbow: Middleware for the Federation of IaaS Cloud P...ATMOSPHERE at HPC2018 – Fogbow: Middleware for the Federation of IaaS Cloud P...
ATMOSPHERE at HPC2018 – Fogbow: Middleware for the Federation of IaaS Cloud P...ATMOSPHERE .
 
Increasing Routing Security through RPKI Deployathon
Increasing Routing Security through RPKI DeployathonIncreasing Routing Security through RPKI Deployathon
Increasing Routing Security through RPKI DeployathonRIPE NCC
 

Similar to Internet Standards - The IETF (20)

Some Internet Topics: Horizontals, the IETF, and IPv6
Some Internet Topics: Horizontals, the IETF, and IPv6Some Internet Topics: Horizontals, the IETF, and IPv6
Some Internet Topics: Horizontals, the IETF, and IPv6
 
Internet Numbers
Internet NumbersInternet Numbers
Internet Numbers
 
Quant - Interchain Development And Cross-Chain Protocols. BlockchainLive 2018
Quant - Interchain Development And Cross-Chain Protocols. BlockchainLive 2018Quant - Interchain Development And Cross-Chain Protocols. BlockchainLive 2018
Quant - Interchain Development And Cross-Chain Protocols. BlockchainLive 2018
 
ION Durban - What's Happening at the IETF?
ION Durban - What's Happening at the IETF?ION Durban - What's Happening at the IETF?
ION Durban - What's Happening at the IETF?
 
ION Malta - IETF Update
ION Malta - IETF UpdateION Malta - IETF Update
ION Malta - IETF Update
 
ION Islamabad - What's Happening at the IETF?
ION Islamabad - What's Happening at the IETF?ION Islamabad - What's Happening at the IETF?
ION Islamabad - What's Happening at the IETF?
 
ION Belfast - Opening Slides - Chris Grundemann
ION Belfast - Opening Slides - Chris GrundemannION Belfast - Opening Slides - Chris Grundemann
ION Belfast - Opening Slides - Chris Grundemann
 
TFI2014 Conference Opening - ISOC Deployment & Operationalization
TFI2014 Conference Opening - ISOC Deployment & OperationalizationTFI2014 Conference Opening - ISOC Deployment & Operationalization
TFI2014 Conference Opening - ISOC Deployment & Operationalization
 
ION Costa Rica - About the IETF and How to Get Involved
ION Costa Rica - About the IETF and How to Get InvolvedION Costa Rica - About the IETF and How to Get Involved
ION Costa Rica - About the IETF and How to Get Involved
 
ION Belgrade - IETF Update
ION Belgrade - IETF UpdateION Belgrade - IETF Update
ION Belgrade - IETF Update
 
Config Management and Data Service Deep Dive
Config Management and Data Service Deep DiveConfig Management and Data Service Deep Dive
Config Management and Data Service Deep Dive
 
IETF's Role and Mandate in Internet Governance by Mohit Batra
IETF's Role and Mandate in Internet Governance by Mohit BatraIETF's Role and Mandate in Internet Governance by Mohit Batra
IETF's Role and Mandate in Internet Governance by Mohit Batra
 
About the IETF: Presentation for the University of Botswana
About the IETF: Presentation for the University of BotswanaAbout the IETF: Presentation for the University of Botswana
About the IETF: Presentation for the University of Botswana
 
Webinar on 1st Open Call - slideset
Webinar on 1st Open Call - slidesetWebinar on 1st Open Call - slideset
Webinar on 1st Open Call - slideset
 
data communication
data communicationdata communication
data communication
 
Driving Networks Forward to the Hyper-Connected World
Driving Networks Forward to the Hyper-Connected WorldDriving Networks Forward to the Hyper-Connected World
Driving Networks Forward to the Hyper-Connected World
 
WebRTC Summit (June 2014) - WebRTC Interoperability (and why it is important)
WebRTC Summit (June 2014) - WebRTC Interoperability (and why it is important)WebRTC Summit (June 2014) - WebRTC Interoperability (and why it is important)
WebRTC Summit (June 2014) - WebRTC Interoperability (and why it is important)
 
Flink's Journey from Academia to the ASF
Flink's Journey from Academia to the ASFFlink's Journey from Academia to the ASF
Flink's Journey from Academia to the ASF
 
ATMOSPHERE at HPC2018 – Fogbow: Middleware for the Federation of IaaS Cloud P...
ATMOSPHERE at HPC2018 – Fogbow: Middleware for the Federation of IaaS Cloud P...ATMOSPHERE at HPC2018 – Fogbow: Middleware for the Federation of IaaS Cloud P...
ATMOSPHERE at HPC2018 – Fogbow: Middleware for the Federation of IaaS Cloud P...
 
Increasing Routing Security through RPKI Deployathon
Increasing Routing Security through RPKI DeployathonIncreasing Routing Security through RPKI Deployathon
Increasing Routing Security through RPKI Deployathon
 

More from RIPE NCC

Navigating IP Addresses: Insights from your Regional Internet Registry
Navigating IP Addresses: Insights from your Regional Internet RegistryNavigating IP Addresses: Insights from your Regional Internet Registry
Navigating IP Addresses: Insights from your Regional Internet RegistryRIPE NCC
 
Traces of Power: Internet Governance and Climate Action
Traces of Power: Internet Governance and Climate ActionTraces of Power: Internet Governance and Climate Action
Traces of Power: Internet Governance and Climate ActionRIPE NCC
 
Governing Environmental Sustainability in Tech
Governing Environmental Sustainability in TechGoverning Environmental Sustainability in Tech
Governing Environmental Sustainability in TechRIPE NCC
 
Gerardo-Viviers-RPKI-presentation-DKNOG14.pdf
Gerardo-Viviers-RPKI-presentation-DKNOG14.pdfGerardo-Viviers-RPKI-presentation-DKNOG14.pdf
Gerardo-Viviers-RPKI-presentation-DKNOG14.pdfRIPE NCC
 
LIA HESTINA - Minimising impact before incidents occur with RIPE Atlas and RIS
LIA HESTINA - Minimising impact before incidents occur with RIPE Atlas and RISLIA HESTINA - Minimising impact before incidents occur with RIPE Atlas and RIS
LIA HESTINA - Minimising impact before incidents occur with RIPE Atlas and RISRIPE NCC
 
Intro to RIPE and RIPE NCC: RIPE Atlas workshop
Intro to RIPE and RIPE NCC: RIPE Atlas workshopIntro to RIPE and RIPE NCC: RIPE Atlas workshop
Intro to RIPE and RIPE NCC: RIPE Atlas workshopRIPE NCC
 
IGF UA - Dialog with I_ organisations - Alena Muavska RIPE NCC.pdf
IGF UA - Dialog with I_ organisations - Alena Muavska RIPE NCC.pdfIGF UA - Dialog with I_ organisations - Alena Muavska RIPE NCC.pdf
IGF UA - Dialog with I_ organisations - Alena Muavska RIPE NCC.pdfRIPE NCC
 
Opportunities for Youth in IG - Alena Muravska RIPE NCC.pdf
Opportunities for Youth in IG - Alena Muravska RIPE NCC.pdfOpportunities for Youth in IG - Alena Muravska RIPE NCC.pdf
Opportunities for Youth in IG - Alena Muravska RIPE NCC.pdfRIPE NCC
 
RIPE NCC Internet Measurement Tools
RIPE NCC Internet Measurement ToolsRIPE NCC Internet Measurement Tools
RIPE NCC Internet Measurement ToolsRIPE NCC
 
IPv6 in Central Europe and the Baltics
IPv6 in Central Europe and the BalticsIPv6 in Central Europe and the Baltics
IPv6 in Central Europe and the BalticsRIPE NCC
 
RPKI For Routing Security
RPKI For Routing SecurityRPKI For Routing Security
RPKI For Routing SecurityRIPE NCC
 
SEEDIG 8 - Alena Muravska RIPE NCC.pdf
SEEDIG 8 - Alena Muravska RIPE NCC.pdfSEEDIG 8 - Alena Muravska RIPE NCC.pdf
SEEDIG 8 - Alena Muravska RIPE NCC.pdfRIPE NCC
 
Know Your Network: Why Every Network Operator Should Host RIPE Atlas
Know Your Network: Why Every Network Operator Should Host RIPE AtlasKnow Your Network: Why Every Network Operator Should Host RIPE Atlas
Know Your Network: Why Every Network Operator Should Host RIPE AtlasRIPE NCC
 
Minimising Impact When Incidents Occur With RIPE Atlas
Minimising Impact When Incidents Occur With RIPE AtlasMinimising Impact When Incidents Occur With RIPE Atlas
Minimising Impact When Incidents Occur With RIPE AtlasRIPE NCC
 
RIPE NCC Internet Measurement Services
RIPE NCC Internet Measurement ServicesRIPE NCC Internet Measurement Services
RIPE NCC Internet Measurement ServicesRIPE NCC
 
Spotting Latency Issues with RIPE Atlas
Spotting Latency Issues with RIPE AtlasSpotting Latency Issues with RIPE Atlas
Spotting Latency Issues with RIPE AtlasRIPE NCC
 
Spotting Latency Issues with RIPE Atlas
Spotting Latency Issues with RIPE AtlasSpotting Latency Issues with RIPE Atlas
Spotting Latency Issues with RIPE AtlasRIPE NCC
 
Spotting Latency Issues with RIPE Atlas
Spotting Latency Issues with RIPE AtlasSpotting Latency Issues with RIPE Atlas
Spotting Latency Issues with RIPE AtlasRIPE NCC
 
111 views of Swiss Internet Infrastructure
111 views of Swiss Internet Infrastructure111 views of Swiss Internet Infrastructure
111 views of Swiss Internet InfrastructureRIPE NCC
 
The RIPE NCC’s View of IPv6 in Sweden
The RIPE NCC’s View of IPv6 in SwedenThe RIPE NCC’s View of IPv6 in Sweden
The RIPE NCC’s View of IPv6 in SwedenRIPE NCC
 

More from RIPE NCC (20)

Navigating IP Addresses: Insights from your Regional Internet Registry
Navigating IP Addresses: Insights from your Regional Internet RegistryNavigating IP Addresses: Insights from your Regional Internet Registry
Navigating IP Addresses: Insights from your Regional Internet Registry
 
Traces of Power: Internet Governance and Climate Action
Traces of Power: Internet Governance and Climate ActionTraces of Power: Internet Governance and Climate Action
Traces of Power: Internet Governance and Climate Action
 
Governing Environmental Sustainability in Tech
Governing Environmental Sustainability in TechGoverning Environmental Sustainability in Tech
Governing Environmental Sustainability in Tech
 
Gerardo-Viviers-RPKI-presentation-DKNOG14.pdf
Gerardo-Viviers-RPKI-presentation-DKNOG14.pdfGerardo-Viviers-RPKI-presentation-DKNOG14.pdf
Gerardo-Viviers-RPKI-presentation-DKNOG14.pdf
 
LIA HESTINA - Minimising impact before incidents occur with RIPE Atlas and RIS
LIA HESTINA - Minimising impact before incidents occur with RIPE Atlas and RISLIA HESTINA - Minimising impact before incidents occur with RIPE Atlas and RIS
LIA HESTINA - Minimising impact before incidents occur with RIPE Atlas and RIS
 
Intro to RIPE and RIPE NCC: RIPE Atlas workshop
Intro to RIPE and RIPE NCC: RIPE Atlas workshopIntro to RIPE and RIPE NCC: RIPE Atlas workshop
Intro to RIPE and RIPE NCC: RIPE Atlas workshop
 
IGF UA - Dialog with I_ organisations - Alena Muavska RIPE NCC.pdf
IGF UA - Dialog with I_ organisations - Alena Muavska RIPE NCC.pdfIGF UA - Dialog with I_ organisations - Alena Muavska RIPE NCC.pdf
IGF UA - Dialog with I_ organisations - Alena Muavska RIPE NCC.pdf
 
Opportunities for Youth in IG - Alena Muravska RIPE NCC.pdf
Opportunities for Youth in IG - Alena Muravska RIPE NCC.pdfOpportunities for Youth in IG - Alena Muravska RIPE NCC.pdf
Opportunities for Youth in IG - Alena Muravska RIPE NCC.pdf
 
RIPE NCC Internet Measurement Tools
RIPE NCC Internet Measurement ToolsRIPE NCC Internet Measurement Tools
RIPE NCC Internet Measurement Tools
 
IPv6 in Central Europe and the Baltics
IPv6 in Central Europe and the BalticsIPv6 in Central Europe and the Baltics
IPv6 in Central Europe and the Baltics
 
RPKI For Routing Security
RPKI For Routing SecurityRPKI For Routing Security
RPKI For Routing Security
 
SEEDIG 8 - Alena Muravska RIPE NCC.pdf
SEEDIG 8 - Alena Muravska RIPE NCC.pdfSEEDIG 8 - Alena Muravska RIPE NCC.pdf
SEEDIG 8 - Alena Muravska RIPE NCC.pdf
 
Know Your Network: Why Every Network Operator Should Host RIPE Atlas
Know Your Network: Why Every Network Operator Should Host RIPE AtlasKnow Your Network: Why Every Network Operator Should Host RIPE Atlas
Know Your Network: Why Every Network Operator Should Host RIPE Atlas
 
Minimising Impact When Incidents Occur With RIPE Atlas
Minimising Impact When Incidents Occur With RIPE AtlasMinimising Impact When Incidents Occur With RIPE Atlas
Minimising Impact When Incidents Occur With RIPE Atlas
 
RIPE NCC Internet Measurement Services
RIPE NCC Internet Measurement ServicesRIPE NCC Internet Measurement Services
RIPE NCC Internet Measurement Services
 
Spotting Latency Issues with RIPE Atlas
Spotting Latency Issues with RIPE AtlasSpotting Latency Issues with RIPE Atlas
Spotting Latency Issues with RIPE Atlas
 
Spotting Latency Issues with RIPE Atlas
Spotting Latency Issues with RIPE AtlasSpotting Latency Issues with RIPE Atlas
Spotting Latency Issues with RIPE Atlas
 
Spotting Latency Issues with RIPE Atlas
Spotting Latency Issues with RIPE AtlasSpotting Latency Issues with RIPE Atlas
Spotting Latency Issues with RIPE Atlas
 
111 views of Swiss Internet Infrastructure
111 views of Swiss Internet Infrastructure111 views of Swiss Internet Infrastructure
111 views of Swiss Internet Infrastructure
 
The RIPE NCC’s View of IPv6 in Sweden
The RIPE NCC’s View of IPv6 in SwedenThe RIPE NCC’s View of IPv6 in Sweden
The RIPE NCC’s View of IPv6 in Sweden
 

Recently uploaded

Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodJuan lago vázquez
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMESafe Software
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobeapidays
 
Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfRansomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfOverkill Security
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...apidays
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...apidays
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingEdi Saputra
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Jeffrey Haguewood
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Zilliz
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)wesley chun
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDropbox
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc
 
Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024The Digital Insurer
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWERMadyBayot
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsNanddeep Nachan
 
AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024The Digital Insurer
 

Recently uploaded (20)

Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfRansomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdf
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor Presentation
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectors
 
AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024
 

Internet Standards - The IETF

  • 1. Mirjam Kühne | MEAC-SIG 2019, Rabat, Morocco | July 2019 Internet Standards - The IETF Mirjam Kühne, RIPE NCC, Senior Community Builder
  • 3. Mirjam Kühne | MEAC-SIG 2019 | July 2019 • The Mission of the IETF is to make the Internet work better by producing high quality, relevant technical documents that influence the way people design, use, and manage the Internet. (RFC 3935) • Loosely self-organised group of people who contribute to the engineering and evolution of Internet technologies (The Tao) The IETF mission
  • 4. Mirjam Kühne | MEAC-SIG 2019 | July 2019 • A Standards Development Organisation (SDO) - Focus on Internet technologies: email, ftp, http, dns - Other SDOs: ITU, IEEE, ETSI, W3C • No formal membership - People participate as individuals • No formal voting (instead: humming) • No formal government role - Driven by market adoption The IETF is a little different ..
  • 5. Mirjam Kühne | MEAC-SIG 2019 | July 2019 IETF culture
  • 6. Mirjam Kühne | MEAC-SIG 2019 | July 2019 • Anybody can participate • Typically network designers, operators, vendors, and researchers • Working on evolution of the Internet architecture and the smooth operation of the Internet • Pretty international Who participates in the IETF?
  • 7. Mirjam Kühne | MEAC-SIG 2019 | July 2019 IETF participation !7
  • 8. Mirjam Kühne | MEAC-SIG 2019 | July 2019 • Technical work done in Working Groups (~ 130) • Organised by topical areas (currently 7) • Three face-to-face meetings per year - 1,000 - 1,400 participants - Good remote participation facilities • Most work done on mailing lists - Open to anybody! How does it work?
  • 9. Mirjam Kühne | MEAC-SIG 2019 | July 2019 IETF areas !9
  • 10. Mirjam Kühne | MEAC-SIG 2019 | July 2019 IETF structure !10
  • 11. Mirjam Kühne | MEAC-SIG 2019 | July 2019 • IESG: Internet Engineering and Steering Group - Responsible for technical management of IETF activities • IRTF: Internet Research Task Force - Focused on longer-term research topics • IAB: Internet Architecture Board - Oversight of Internet architecture and standards process • IETF LLC: IETF Limited Liability Company - Legal home for the above; admin and fiscal support Alphabet soup
  • 12. Mirjam Kühne | MEAC-SIG 2019 | July 2019 • IETF mantra: - “We reject kings, presidents and voting. We believe in rough consensus and running code.” • Consensus is achieved when all issues are addressed - But they are not all necessarily accommodated • Dissenting options are heard, but are not controlling • Humming: a way to measure consensus (anonymously) • “On Consensus and Humming in the IETF” (RFC 7282) IETF and consensus
  • 13. Mirjam Kühne | MEAC-SIG 2019 | July 2019 • All IETF documents are open and freely accessible • Not all RFCs Are Standards (RFC 1796) • Categories - Proposed Standards and Full Standards - Best Current Practices (BCPs) - Informational - Experimental - Historic Requests for Comments - RFCs
  • 14. Mirjam Kühne | MEAC-SIG 2019 | July 2019 • RFC Index: - https://www.rfc-editor.org/rfc- index.html - https://www.rfc-editor.org/info/ rfc8624 RFCs !14
  • 15. Mirjam Kühne | MEAC-SIG 2019 | July 2019 • Hackathons • Code Sprints • BoFs • Tutorials • Plenaries Other IETF events !15
  • 16. Mirjam Kühne | MEAC-SIG 2019 | July 2019 • Describes many aspects of the IETF - Especially useful for newcomers - Makes participation more productive and fun • Talks about Working Groups, Mailing Lists, Meetings, Running Code, Online Tools, BoFs and RFCs and more - https://www.ietf.org/about/participate/tao/ (recently updated) • Translations, including Arabic (2012 version) - http://www6.ietf.org/tao-translated-ar.html The Tao of the IETF
  • 17. Mirjam Kühne | MEAC-SIG 2019 | July 2019 • You can participate remotely - Registration, presentation - Chat rooms - Video streaming • https://www.ietf.org/about/participate/ - How to get started - Tutorials on technical and procedural topics Remote participation
  • 18. Mirjam Kühne | MEAC-SIG 2019 | July 2019 • Bottom-up, voluntary - Participation as individuals • Competitors work together to find best solution for all - Consensus via humming (anonymous) • Market decides about what becomes a standard - Sometimes multiple solution for same problem • Not a legal entity - Volunteer platform Main take-aways
  • 20. Mirjam Kühne | MEAC-SIG 2019 | July 2019 • In 1999 the IETF was working on media gateway protocols • US Law Enforcement asked the IETF to make protocols compliant with the US Communications Assistance for Law Enforcement Act (CALEA) • In the end the IETF decided not to follow this request • “IETF Policy on Wiretapping” (RFC 2804, May 2000) Some history: RFC 2804
  • 21. Mirjam Kühne | MEAC-SIG 2019 | July 2019 • After Edward Snowden’s revelations, the IETF took a strong position: - “Pervasive monitoring is a technical attack that should be mitigated in the design of IETF protocols, where possible.” • Pervasive Monitoring Is an Attack (RFC 7258, May 2014) - http://www.circleid.com/posts/20190407_dns_privacy_at_ietf_104/ by Geoff Huston Some more history: RFC 7258
  • 22. Mirjam Kühne | MEAC-SIG 2019 | July 2019 • Many actors seem to be looking at the DNS - To observe what we all do online and to suggest what services we can access • Can we stop DNS surveillance completely? - Probably not • But we can make it harder to collect individual profiles of activity DNS surveillance
  • 23. Mirjam Kühne | MEAC-SIG 2019 | July 2019 • DNS name resolution protocol is unencrypted - Anyone can see transactions on the wire - Anyone can intercept DNS queries - And every Internet transaction starts with a DNS query • IETF DNS Private Exchange WG (dprive) - Develops mechanisms to provide confidentiality to DNS transactions - Addresses concerns surrounding pervasive monitoring (RFC 7258) Why do actors use the DNS for that?
  • 24. Mirjam Kühne | MEAC-SIG 2019 | July 2019 • QNAME Minimisation (RFC 7816) - DNS resolver no longer sends the entire original query name to the upstream name server - Instead it sends only parts of the hierarchy Solutions to enhance DNS privacy (1)
  • 25. Mirjam Kühne | MEAC-SIG 2019 | July 2019 • DNS over TLS - DoT (RFC 7858, RFC 8310) - TLS is a TCP ‘overlay’ that adds server authentication and session encryption to TCP - Client validates identity of server - The privacy is relative, as the recursive resolver still knows all your DNS queries - Uses port 853 - can easily be blocked by middleware - Some DNS recursive resolvers support DNS over TLS (e.g. BIND, Unbound) Solutions to enhance DNS privacy (2)
  • 26. Mirjam Kühne | MEAC-SIG 2019 | July 2019 • Specialised services available to a few technical people - But that might be changing as more providers offer it by default • Can easily be blocked (port 853) • Prevents surveillance on the wire, but still shares your DNS activity with the DoT service provider - Still better than not having any encryption DoT - disadvantages
  • 27. Mirjam Kühne | MEAC-SIG 2019 | July 2019 • DNS over HTTPS - DoH (RFC 8484) - Very similar to DoT, but: - Uses port 443 (HTTPS) - makes it difficult to distinguish from HTTPS traffic - Not turned on by user or ISP, but by browser or application vendor - Therefore bypasses the operating system and its settings • Could become “mainstream" service used by potentially billions of end users Solutions to enhance DNS privacy (3)
  • 28. Mirjam Kühne | MEAC-SIG 2019 | July 2019 • The device-to-resolver connection is encrypted and hidden inside Web traffic • Each application can operate a different DNS resolver - DNS becomes application level services (instead of networking service) - Makes it hard to debug for your ISP • Each application gains more control over your resolver choice - Application/browser vendors can effectively dominate the Internet's namespace DoH - disadvantages
  • 29. Mirjam Kühne | MEAC-SIG 2019 | July 2019 • Unencrypted vs. encrypted • Business model: ISP vs. over-the-top media (browser or app) • Distributed vs. concentrated • Local vs. remote • Trust your local ISP vs. trust remote browser vendor? • User choice vs. application’s choice - You won’t even notice Main issues around Dot and DoH
  • 30. Questions Mirjam Kühne | MEAC-SIG 2019 | July 2019 mir@ripe.net @mir_ripe_labs !30