ietf « WordPress.com Tag Feed

Världens Datacom och säkerhets gurus i Stockholm i juli

Mohammad Mahloujian — Sat, 05 Dec 2009 11:49:14 +0000

Stockholm värd för IETF:are under slutat av juli

Under 26-31 juli 2009 kommer Stockholm att invaderas av uppskattningsvis 800-1000 IETF medlemmar. IETF:s första möte var i San Diego 1986 då med endast 21 medlemmar. Normalt är det uppemot 1500-1800 deltagare men den rådande ekonomiska krisen antagligen innebär mycket färre deltagare. Det största IETF-möte som jag själv deltog i var i San Diego med över 2300 betalande deltagare med över 15 parallella sessioner.

Värden för IETF under sommaren är Stiftelsen för Internetinfrastruktur känd även som .SE (http://www.iis.se)

Varför är det så intressant för dig och mig?

Använder man datorer som är kopplade till vilket IP-nätverk som helst (Internet, VPN, ,LAN) då använder vi protokoll som är standardiserat i IETF. Eller om du använder e-post, surfar med någon web browser tom när du startar din dator och får automatisk tillgång till IP-adress och diverse andra information som lämnas av DHCP-server, ja även DHCP är standardiserat i IETF. En hel del av de IP-relaterade protokoll som idag används i mobilen är också från IETF. Både du och jag använder flertal av IETF protokoll varje dag helt enklt.

IETF folk är en samling mycket engagerade folk som försöker att ringa in problemet, dela den i mindre bitar och skapa så generella lösningar som det bara går. Är man intresserad av IP standards då rekommenderar jag att man funderar på att delta, MEN jag rekommenderar att välja några intressanta områden (som passar just dig) sedan anmäla sig till mailinglistan för att ta del av diskussionerna och även själv delta i diskussionerna om man har något intressant erfarenhet/kunskap att förmedla. Om ämnen och diskussionerna verkar vara intressant då rekommenderar jag definitivt att anmäla sig till mötet i Juli i Stockholm.

Några enkla frågor och svar för den intresserade:

Kan jag delta privat eller måste det ske från mitt företag?
Inom IETF medlemmar representerar sig själv och inte ditt företag eller organisation. Så det går jätte bra att delta som privat person. Men det kan vara fördelaktig att ens företag/organisation står för resa, upphälle och omkostnader
Hur blir jag medlem?
Man behöver inte vara medlem, man anmäler sig bara till den/de arbetsgruppen som man är intresserade att följa genom att skicka ett e-post till mailinglista.
Vad behöver jag göra om jag vill delta på IETF-mötet i Stockholm?
Du anmäler dig till mötet. (just nu pågår anmälan för mötet som sker i San-Francisco under sista veckan i mars. Anmälan till IETF mötet i Stockholm öppnasantagligen någon gång under maj).
Vad kostar det?
Early-Bird: $635 (man måste dock betala före en viss datum) annars kostar de $785 . Studenter betalar endast $150 (man måste verifiera med giltig student legitimation).

Notera att Sverige har många duktiga datacom, säkerhet och andra IT-Gurus som naturligtvis finns redan på hemma plan. Ingen nämnt, ingen glömt!

Besök gärna IETF hemsida http://www.ietf.org

Mvh

M Mahloujian

———————————————-
Detta är en kopia av min tidigare inlägg på IDG
http://blogg.idg.se/ietf
26 februari 2009

Who are the IETF?

post — Wed, 11 Nov 2009 20:22:50 +0000

Mission Statement

The mission of the IETF is make the Internet work better by producing high quality, relevant technical documents that influence the way people design, use, and manage the Internet.

The IETF will pursue this mission in adherence to the following cardinal principles:

Open process – any interested person can participate in the work, know what is being decided, and make his or her voice heard on the issue. Part of this principle is our commitment to making our documents, our WG mailing lists, our attendance lists, and our meeting minutes publicly available on the Internet.

Technical competence – the issues on which the IETF produces its documents are issues where the IETF has the competence needed to speak to them, and that the IETF is willing to listen to technically competent input from any source. Technical competence also means that we expect IETF output to be designed to sound
network engineering principles – this is also often referred to as”engineering quality”.

Volunteer Core – our participants and our leadership are people who come to the IETF because they want to do work that furthers the IETF’s mission of “making the Internet work better”.

Rough consensus and running code – We make standards based on the combined engineering judgement of our participants and our real-world experience in implementing and deploying our specifications.

Protocol ownership – when the IETF takes ownership of a protocol or function, it accepts the responsibility for all aspects of the protocol, even though some aspects may rarely or never be seen on the Internet. Conversely, when the IETF is not responsible for a protocol or function, it does not attempt to exert control over it, even though it may at times touch or affect the Internet.

Note: Some of the text on this page is excerpted from RFC 3935.

Transmissão de pensamentos

franciiiiisco — Fri, 16 Oct 2009 22:28:56 +0000

Leia a matéria abaixo. Comento depois.

Ciência mais perto da ‘transmissão de pensamentos’

Cientistas britânicos acreditam ter chegado mais perto da “transmissão de pensamentos” através da internet. O sistema foi desenvolvido por uma equipe da Universidade de Southampton, que descreveu o estudo como os “primeiros passos de bebê” rumo à leitura total da mente.

O experimento, detalhado nesta quinta-feira pelo jornal The Times, utiliza uma técnica que permite a interpretação de sinais cerebrais por computadores. Por enquanto, porém, só podem ser transmitidos códigos binários – sequências de 0 e 1 – , o que significa que ainda está longe de você ter de se preocupar com o pensa na frente dos outros.

Paramedir a atividade cerebral, duas pessoas tiveram eletrodos conectados em seus crânios. A primeira pessoa gerou uma série de números 0 e 1 ao imaginar mexer o braço esquerdo (0) ou direito (1). A mensagem foi decodificada por um computador e enviada pela internet para outro PC, o qual emitiu o sinal na forma de um piscar de luzes, interpretado automaticamente pelo cérebro da segunda pessoa e traduzido direto na tela do computador.

Como funciona em rede, significa que as pessoas não precisam estar no mesmo ambiente – e sequer no mesmo país – para se comunicarem por pensamentos. Christopher James, que liderou o estudo, destaca que não se trata de telepatia:”Não há pensamento consciente se formando na cabeça de uma pessoa e outro pensamento consciente aparecendo na mente de outra pessoa”. O pesquisador acredita que sua invenção poderá um dia ser útil para aqueles que estão “presos em seus corpos, que não podem falar, nem mesmo piscar”.

http://veja.abril.com.br/noticia/ciencia-tecnologia/ciencia-mais-perto-transmissao-pensamentos-505818.shtml

Voltei.

O primeiro passo é sempre o mais difícil de ser dado. Agora o avanço será rápido. Já antevejo o futuro.
O próximo empecilho a retirar é a necessidade de lidar com os incômodos números binários. Cientistas da IBM já estão projetando um compilador – a ser implantado em chip no crânio – que converta instruções Assembly em impulsos mentais. O temor dos pesquisadores está em alguma instrução provocar estouro de pilha e causar ataques epiléticos. Prometem que vão escrever um artigo sobre isso assim que encontrarem referências bibliográficas em algum sebo.

Outras pesquisas se mostram mais promissoras. Brian Kernighan e Dennis Ritchie trabalham em uma versão adaptada do compilador C – sem o uso de ponteiros – depois que um ponteiro não inicializado apagou a uma área de memória de um membro da equipe de testes. Resta saber para que servirá um C sem ponteiros!

Um IDE Netbeans também está sendo desenvolvido. O chip RAMBUS para armazenar o compilador estará disponível em breve e pesará um quilo e oitocentos gramas.

O projeto da Sun Microsystems/Oracle é o mais arrojado de todos. Uma máquina virtual Java promete rodar em qualquer tipo de plataforma craniana, desde os malaios até os cearenses. Indagados Quanto ao desempenho, os engenheiros desconversaram, mas revelaram trabalhar numa versão stand-alone para pessoas que usam intensamente o cérebro. A Oracle, que comprou recentemente a Sun, já anunciou que vai cobrar por neurônio instalado.

A enorme mudança de paradigma atinge também o mundo das telecomunicações, em especial o das redes sem fio.
Engenheiros da 3Com trabalham em 3 projetos internos de chips com interfaces sem fio embutidas, de diferentes velocidades. Os projetos têm os nomes-código Javé, Einstein e Carla Peres, direcionados a diversos nichos de mercado e níveis de preço diferentes.

Como era previsível, o número de endereços IP da versão IPv6 ainda será pequeno para tanta demanda, e uma força-tarefa do IETF já trabalha arduamente na versão 7, com endereços de 16384 bits. Matemáticos calculam que com esse tamanho haverá 10245467 IPs diferentes para cada pensamento na face da terra.

Nessas circunstâncias, a segurança também será bastante afetada. Cada pessoa deverá ter um pequeno servidor Kerberos rodando na cachola, para permitir o início de conversas. Moças de família não poderão sair de casa com criptografia de menos de 1024 bits. O Norton já lançou um pacote de utilitários para qualquer eventualidade.

As perspectivas são vastas.

Global Cyber News Bits, September 17, 2009 from CommunityDNS

CommunityDNS — Thu, 17 Sep 2009 19:27:12 +0000

Provided by CommunityDNS, the information in this post consists of news items in the security-based Internet community.

Fraudsters add IM to phishing attacks

With online bank credentials selling for as much as $1,000 per compromised account it is well within the possibility for cybercriminals to establish a call center, adding in technologies used by legitimate companies.

Suggesting this may already be in the prototype stage customers from one US bank were targeted with spam that included IM chat. This ‘chat-in-the-middle” form is for the hackers to persuade users to answer security questions that would have the user handing over their names, address, phone number and other sensitive information.

Click here for more information.

Antivirus Rarely Catches Zbot Zeus Trojan

With the Zbot botnet consisting of 3.6 million computers in the US, Zeus is the top financial Trojan that represents 44% of today’s financial malware infections.

Recent research shows the botnet is only detected by up-dated anti-virus packages 23% of the time. The bot, with its various mutations, is effective at hiding itself within a computer’s OS.

Click here for more information.

IETF forges botnet clean-up standard

As reported in the September 15 version of the News Bits, the Australian government is working to address how ISPs can take down botnets by identifying them and notifying a computer’s owner about their computer’s infection and ways to clean the system from being a bot.

The IETF is doing something similar with their draft proposal of “Recommendations for the Remediation of Bots in ISP Networks”. Part of the document covers how to detect botnets. This is currently in the draft stage with the IETF inviting feedback on the proposals.

Click here for more information.

US healthcare data plan slammed for encryption get-out clause

A new law that goes into effect September 23rd will protect organizations who use encryption to protect their clients. If data is breached AND the data was encrypted, organizations will not need to inform their customers of the data breach. Only if the data was not encrypted will users need to be notified of such breaches.

Comment: It can be seen where this will provide incentive for other organizations to ensure data is encrypted. However it sounds as if once encrypted data can never be hacked.

Click here for more information.

EU seeks to close digital divide with broadband aid

With the goal of making the EU 100% covered with broadband by 2010 the EU Commission released guidelines specifying how public funds may be used to help companies rollout broadband networks.

While still relying on private organizations to fund most of the costs, the Commission’s rules would make it easer for funds to be obtained for projects in areas where broadband does not exist. Obtaining funds would be more difficult in areas where there is already more than one network operator.

Click here for more information.

White paper on 6LoWPAN Neighbor Discovery

zdshelby — Wed, 16 Sep 2009 20:12:15 +0000

A new white paper is now available from the IPSO Alliance which I wrote together with Samita Chakrabarti from IP Infusion. For someone wanting to understand the Neighbor Discovery solution being developed for use in 6LoWPAN networks this is the best place to start:

“6LoWPAN Neighbor Discovery: A High-level Overview”

The course slides for our upcoming 6LoWAN book will be avialable soon on 6lowpan.net, which include tutorial slides about 6LoWPAN Neighbor Discovery. Or see a recent tutorial I gave on 6LoWPAN at the SenZations summer school.

For those interested in all the details, see the document in progress in the IETF 6lowpan working group. Here is a link to the latest version of the Internet Draft (released two weeks ago): draft-ietf-6lowpan-nd-05

Enjoy!

Un standard IETF pour la lutte contre les bots chez les FAI

Eric Freyssinet — Wed, 16 Sep 2009 19:32:38 +0000

Comme pour faire suite à l’article que j’ai publié hier, une information tombe à propos

Global Cyber News Bits, September 8, 2009 from CommunityDNS

CommunityDNS — Tue, 08 Sep 2009 18:57:43 +0000

Provided by CommunityDNS, the information in this post consists of news items in the security-based Internet community.

ENISA warns of alarming increase in ATM crime

With a 149% increase in ATM attacks in 2008 ENISA has issued an alert regarding thefts from ATMs and suggestions on what to look for when using ATMS.

While 72% of European ATMs are based in 5 countries, the number of ATMs across Europe increased 6% to almost 400,000.

While taking cash directly from accounts using stolen credentials is the preferred method, the number of incidents reported through “skimming” (obtaining information through small spy cameras, fake machines to false PIN overlays) reached 10,302.

The number is expected to climb as ATMs will be offering other services such as offering stamps and phone top ups.

Click here for more information.

UK.biz lax on web app security

The security trend for UK-based corporate websites is that they are getting worse. A UK-based security firm has determined that 27% (up from 17% last year) of all UK-based web applications tested have at least one high risk issue. While web apps fare best in the utilities and legal industry sectors, the service and not-for-profit sectors fare the worst, with the service sector being the worst.

The three basic high risk flaws are:

SQL injection attacks

Cross-site scripting (CSS) attacks

Cross-request forgery attacks

Click here for more information.

Worm wiggles through weary WordPress

As the popular blogging platform, WordPress, becomes a more enticing target for hackers, one hack targets holder installations of WordPress; pre 2.8.4 versions. The hack is where hidden spam and malware is inserted into your older posts.

Click here for more information.

Congress weighs landmark change in Web ad privacy

Chair of the House Energy and Commerce Subcommittee on Communications, Technology and the Internet is co-sponsoring a bill that would change how information on Internet users is being tracked for marketing purposes. Today people are unaware of the tactics used to track what pages users access and their surfing habit, all with the idea of providing targeted advertising based on their web surfing habits.

The issue at this juncture of the bill is should people be allowed to opt-in before information is gathered, or shall people have the option of opting-out.

The last major Internet-focused bill was one dealing with online privacy in 1986. This will be the first bill that targets Internet advertising.

Click here for more information.

“Anonymized” data really isn’t – and here’s why not

As companies compile data on people and thus “anonymize” the data, computer scientists are finding ways to take such “anonymized” or “scrubbed” data and mine details on “identified” people.

Click here for more information.

Global broadband connections reach 445 million

A total of 445 million broadband connections reach users globally, according to the recent release of an annual study for the year. The number of connections is an increase of 12.9 million new connections over last year.

70% of all broadband connections are found in the following 10 countries:

China with 93,549,000 connections

USA with 86,227, 582 connections

Japan with 31,085,500 connections

Germany with 24,086,250 connections

France with 18,324,300 connections

UK with 17,838,200 connections

South Korea with 15,876,992 connections

Italy with 12,85,463 connections

Brazil with 10,469,755 connections

Canada with 9,618,107 connections

Growth in Western Europe dropped in growth over the year while growth increased in Eastern Europe and Asia-Pacific.

DSL accounts for 64% of the connections, cable with 21%, 13% for fiber with wireless and satellite/other accounting for 1% each

Click here for more information.

Home fibre plans survive downturn

Newly released survey results show an 18% growth of broadband delivery in Europe to homes over this time last year. With no less than 233 projects currently underway in Europe, it is expected that by 2012 13 million people across 35 European nations will have fibre as their broadband connection with speeds starting at 100 mbps.

Click here for more information.

2010 could be the last year for IPv4 as we know it

We currently have 788 million IPv4-based addresses available. So why the rush to move towards IPv6? The current burn rate of IP address requests has shown that the number will be dwindling down to almost nothing within the next couple of years. So why is 2010 a possible date? RIRs maintain a nime month supply of address space. When they dip below that amount IANA issues two new “/8”s to the respective RIR. When IANA reaches the last 5 “/8” address spaces they will each be allocated to a respective RIR. The RIR will then have the responsibility for distributing the IP addresses for its last IPv4 “/8”. APNIC will be expected to rapidly burn through its last “/8” due to China’s growth and its demand for IP addresses. AfriNIC, on the other hand, uses only a couple of million addresses. So while AfriNIC can have IPv4 addresses for years to come, APNIC may find itself completely out of IPv4 addresses relatively soon.

Click here for more information.

Useful sites for beginning webmasters

chimac — Fri, 28 Aug 2009 21:31:44 +0000

The Site Wizard helps you copy and paste code to get a website up quickly. W3Schools help to understand HMTL and even has examples of code. To learn about standards go here. To learn about the IETF go here. To register your domain go to GoDaddy or NetworkSolutions. To learn more about javascript go here.

News from the 75th IETF

zdshelby — Mon, 03 Aug 2009 10:29:10 +0000

I attended the 75th Internet Engineering Task Force (IETF) meeting in Stockholm last week. Here is some of the latest news from IETF activities related to the Internet of Things:

6LoWPAN - The 6lowpan working group is currently moving four Internet-Drafts towards last call in the standards track (Improved Header Compression, 6LoWPAN Neighbor Discovery) and informational track (Use Cases, Routing Requirements). I presented the latest ND draft, which has good consensus and will be going through a round of technical improvements within 2 weeks. Next the WG is looking to re-charter to continue on subjects such as security, MIBs etc.

ROLL – The roll working group presented the RPL (pronounced “ripple”) routing protocol draft, which has been accepted as an official working group document today. This will be the basis for routing over low-power and lossy networks including 6LoWPAN, which still needs lots of contribution to reach a full solution.

New 6lowapp effort - We held a very successful meeting about applications in resource-constrained networks. About 60-70 people attended presentations from Carsten Bormann, Don Sturek (from Pacific Gas & Electric and ZigBee/IP) along with a set of 2-minute stand-ups. The presentation is available here. The feedback from IETF Area Directors was that there is obvious support, motivation and requirements (and that we are in a hurry) – so start working! A 6lowapp mailing list and wiki page will be coming soon, keep tuned.

There was a great presence at the IETF from IPSO members, who held several meetings during the same week. Thanks to the move of ZigBee and the energy industry towards all-IP smart energy we say many new participants in Stockholm. It is really positive to see the collaboration between the IETF, IPSO, ZigBee and Utilities in this area.

6LowApp - Embedded Application Protocols

zdshelby — Tue, 07 Jul 2009 11:19:20 +0000

We have kicked off a new effort at the IETF called 6LowApp. The goal is to develop application protocols for resource-constrained embedded devices and networks. Now that 6LoWPAN and ROLL are providing a framework for wireless embedded IP networking, the next fronteir is suitable application protocols for discovery, management and data transfer.

IETF 75 (Stockholm) 6LowApp Wiki

Problem Statement Internet-Draft

Please show your support and contibute your ideas for 6LowApp. In Stockholm there will be an informal Bar BOF anyone can attend to show interest and discuss ideas, and you can always show your support on the mailing lists. Keep tuned here, as the process moves forward I’ll keep writing on our progress.

CommunityDNS News Bits, June 22, 2009.

CommunityDNS — Mon, 22 Jun 2009 18:42:03 +0000

Provided by CommunityDNS, the information in this post consists of news items in the security-based Internet community.

Twitter Spam Spreads Worm

A new form of spreading malware through Twitter is emerging. While Twitter is best known for people including a link with their microblog, the hacker community has been sending tweets that include links that direct a user to a malware infested site, thus infecting the innocent bystander. The new form is to use an old trick, that of attaching a worm to a document that downloads onto the user’s PC upon opening the attached document.

While Twitter Tweets are best known for users adding a URL to their Tweet to provide more information, users may also forward attachments using tools designed for Twitter.

Click here for more information.

Twitter message could be cyber criminal at work

A Spanish anti-virus maker has been monitoring Twitter and the explosion of links routing to malware. As of late the number has exploded through the creation of accounts and posting information on trendy topics such as the Air France plane crash, the NBA finals, the new iPhone and American Idol’s runner up, Adam Lambert.

Comment: This is a good read as it provides a good overview of regarding the malicious and hacking community.

Click here for more information.

Facebook tackles potent click fraud scam

BotNets are being used to log into Facebook and click on the banner ads found on Facebook. While such procedures do not result in trying to sell anything to users, the clicking of ads generates revenue from firms using pay-per-click organizations such as Google’s Adsense.

Click here for more information.

Want a job? Hand over your Facebook password

Applicants seeking employment with the city of Bozeman, Montana, US, were surprised to learn the application asked them for their usernames and passwords for all of the social networking, personal or business websites, web pages or memberships of Internet-based chat rooms and forums used by the applicant. With the idea of doing a full background check prior to hiring prospective employees the city was met with heavy resistance from it citizens over the practice for invading one’s privacy. The city has since reconsidered their requests.

Comment: While countries and regions are looking for laws to maintain information on anything that passes through their respective Internet space so as to be tagged by law enforcement should investigations be necessary, might this be an example of what other organizations are either doing, or wanting to do with its employees? Do such privacy laws cover people whose organizations are based outside of an employee’s respective jurisdiction?

Click here for more information.

Comcast to provide wholesale IPv6 service

While the protocols for utilizing IPv6 are in place operational guidelines are not. Some examples include home networking equipment. How do broadband ISPs implement IPv6 when home routers and broadband infrastructure service providers do not? How can IPv6 be implemented easily without affecting users and their home routers? These are some of the topics being discussed with regards to the rollout of IPv6.

Click here for more information.

International Domain Name Examples and #idnfail Apps

i18nguy — Thu, 18 Jun 2009 08:01:16 +0000

At the April 2005 Unicode conference IUC27 in Berlin there were several interesting sessions on international domain names (IDN).

(The paper I presented at the conference on internationalizing domain names is at www.i18nguy.com/markup/internationalizing-web-addresses.html.)

Here are example international domain names that exist today for museums: http://www.i18nguy.com/markup/idna-examples.html

The list is handy for testing IDN in applications.

(You may need an appropriate font to read them.)

Why the list isn’t in this blog

Originally, the list of IDNs were in this blog. It turns out that WordPress treats the domain names as URLs and converts the bytes to hex encoded values. This is wrong for IDN. So you cannot properly link to international domain names in WordPress blogs at the moment.

As a result, I suggested on twitter to use the hashtag #idnfail for people to report blog, twitter and other applications that are broken with respect to international domain names.

The initial list of #idnfail apps (which I have not verified myself for each entry) is:

WordPress
tweetie
twitteriffic
Facebook sharer app
http://txtn.us

You can search twitter for #idnfail to get further updates, although I hope to update the above list from time to time.

Meta-Pubs Again (Again)

cdivilly — Fri, 12 Jun 2009 13:58:43 +0000

I’m revisiting how to extract the meta-publishing (AtomPub Collection creation) portions of the first Atom Hierarchy Draft into a standalone spec independent of hierarchy considerations. I am contemplating changing the actual process of creating the Collection. I see publishing a new Collection as very akin to publishing an AtomPub Media Resource. An example of the interaction I think makes sense is below:

Imagine a new media type: application/atomcoll+xml, contents of the document are an app:collection element per RFC5023.

Advertising MetaPub Capability

A Collection advertises that it supports the creation of new Collections via the RFC5023 app:accepts mechanism:

<feed xmlns="http://www.w3.org/2005/Atom" xmlns:app="http://www.w3.org/2007/app">
  <link rel="self" href="http://example.org/collection"/>
  <app:collection href="http://example.org/collection">
    <title>Collection Feed</title>
    <app:accept>application/atomcoll+xml</app:accept>
    <app:accept>application/atom+xml;type=entry</app:accept>
  </app:collection>
  ...
</feed>

Creating a New Collection

A client creates a new AtomPub Collection by sending an application/atomcoll+xml document to the above collection URI:

POST /collection HTTP/1.1
Host: example.org
Content-Type: application/atomcoll+xml
Slug: My New Collection
Content-Length: nnn

<collection xmlns="http://www.w3.org/2007/app">
  <title xmlns="http://www.w3.org/2005/Atom">My New Collection</title>
  <categories href="http://example.org/cats/forMain.cats"/>
</collection>

Server responds with:

HTTP/1.1 201 Created
Content-Length: nnn
Content-Type: application/atom+xml;type=entry;charset="utf-8"
Location: http://example.org/my-new-collection.atom

<?xml version="1.0"?>
<entry xmlns="http://www.w3.org/2005/Atom">
  <title>My New Collection</title>
  <id>urn:uuid:de46e3a1-e489-41a6-88a6-21e7f0e8e2d8</id>
  <updated>2009-06-12T12:13:46Z</updated>
  <author><name>Daffy</name></author>
  <summary type="text" />
  <content type="application/atom+xml;type=feed"
     src="http://example.org/my-new-collection"/>
  <link rel="alternate" type="application/atom+xml;type=feed"
     href="http://example.org/my-new-collection"/>
  <link rel="edit-media"
     href="http://example.org/my-new-collection.atomcoll" />
  <link rel="edit"
     href="http://example.org/my-new-collection.atom" />
</entry>

the content@src attribute points to the feed representation of the newly created Collection. This server also happens to include a link@rel=”alternate” pointing to the same resource
the link@rel=”edit-media” points to the Collection’s own metadata. A client can PUT to this URI to update the Collection configuration ( e.g. to add/change app:categories element)
Note the document posted to create the collection lacks a collection@href attribute. This is prohibited by RFC5023, what’s people’s feelings on ignoring/relaxing this requirement?

An Alternative Approach

An alternative approach is to stick with posting an Atom Entry document to cause the Collection to be created, but use an Atom Entry Document media type with some kind of parameter qualification that clearly communicates that the purpose of the Entry is to cause the creation of a Collection, so the above example becomes:

<feed xmlns="http://www.w3.org/2005/Atom" xmlns:app="http://www.w3.org/2007/app">
  <link rel="self" href="http://example.org/collection"/>
  <app:collection href="http://example.org/collection">
    <title>Collection Feed</title>
    <app:accept>application/atom+xml;type=entry;profile="http://purl.org/atom/metapub"</app:accept>
    <app:accept>application/atom+xml;type=entry</app:accept>
  </app:collection>
  ...
</feed>

POST /collection HTTP/1.1
Host: example.org
Content-Type: application/atom+xml;type=entry;profile="http://purl.org/atom/metapub"
Slug: My New Collection
Content-Length: nnn

<entry xmlns="http://www.w3.org/2005/Atom">
  <title>My New Collection</title>
  <id>urn:uuid:eb53f957-b7c0-4484-bf0b-c0a6948a33f5</id>
  <updated>2009-06-12T12:13:43Z</updated>
  <author><name/></author>
  <summary/>
  <app:categories href="http://example.org/cats/forMain.cats" xmlns:app="http://www.w3.org/2007/app"/>
</entry>

HTTP/1.1 201 Created
Content-Length: nnn
Content-Type: application/atom+xml;type=entry;profile="http://purl.org/atom/metapub";charset="utf-8"
Location: http://example.org/my-new-collection.atom

<?xml version="1.0"?>
<entry xmlns="http://www.w3.org/2005/Atom">
  <title>My New Collection</title>
  <id>urn:uuid:de46e3a1-e489-41a6-88a6-21e7f0e8e2d8</id>
  <updated>2009-06-12T12:13:46Z</updated>
  <author><name>Daffy</name></author>
  <summary type="text" />
  <content type="application/atom+xml;type=feed"
     src="http://example.org/my-new-collection"/>
  <link rel="alternate" type="application/atom+xml;type=feed"
     href="http://example.org/my-new-collection"/>
  <link rel="edit"
     href="http://example.org/my-new-collection.atom" />
  <app:categories href="http://example.org/cats/forMain.cats" xmlns:app="http://www.w3.org/2007/app"/>
</entry>

My Two Cents

I have a preference for the first approach, the primary motivation of the POST in each case is to cause the creation of a new Collection. I feel posting an ‘AtomPub Collection Document’ (application/atomcoll+xml) makes that intent very clear. The second option seems somehow backwards to me. However my colleague Nikunj has expressed a preference for the second option, and others have also implemented a similar approach. I’d really like to hear others points of view on this.
I dislike the Atom Entry boilerplate required by the second approach.
A weakness of both approaches is that it is not clear how the client should specify the metadata that may be included in the feed representation of the collection( e.g subtitle, rights, category, logo etc.). Perhaps that points to the need for a third option, similar to the first option but sending a document with a new xml syntax that allows specification of the feed metadata and the collection metadata, something like:
```
<collection xmlns="http://purl.org/atom/metapub" xmlns:atom="http://www.w3.org/2005/Atom" xmlns:app="http://www.w3.org/2007/app">
 <atom:title>My Spiffy New Collection</atom:title>
 <app:categories href="http://example.org/cats/forMain.cats"/>
 <atom:feed>
  <atom:subtitle>Its got lots of metadata</atom:subtitle>
  <atom:logo>...</atom:logo>
  ... etc ...
 </atom:feed>
</collection>
```

Feedback Please

I’m very keen to get people’s feedback on the above proposals before attempting to draft another I-D revision, please leave your comments here or on the atom-protocol mailing list (http://www.imc.org/atom-protocol/)

ZigBee announces IP adoption

zdshelby — Thu, 07 May 2009 14:27:07 +0000

Last week the ZigBee Alliance made a ground-breaking announcement -

ZigBee Alliance Plans Further Integration of Internet Protocol Standards

What this means in practice is that future versions of ZigBee specifications will incorporate IETF 6LoWPAN and ROLL IPv6 standards. In practice the most straight-forward way to achieve this is by adapting the ZigBee Application Layer (ZAL) over UDP, as specified in http://www.ietf.org/internet-drafts/draft-tolle-cap-00.txt.

I am very excited about this – and believe this is a win-win for the whole industry. This lets the ZigBee Alliance, IPSO, the IETF and the IEEE (802.15.4) work in the same direction with much greater impact on achieving the Internet of Things. My own bet was that we would see ZigBee/IP in 2010 – great that it came a year early!

According to the press release and what I have seen happening in the industry – ZigBee has received a lot of pressure from the energy industry and chip makers to take advantage of native IP technology. This recent ZigBee alliance with Homeplug surely helped the decision as well. Texas Instruments was the first chip maker to make a press release with their strong support of ZigBee’s announcement, here at Sensinode we’re proud to be TI’s 3rd party partner for IP networking -

Texas Instruments supports ZigBee Alliance plan to integrate Internet Protocol standards for smart energy applications

Arquitectura de la red (Organización de la red, nuevas tendencias en la arquitectura de la red)

quimcodina — Thu, 30 Apr 2009 17:44:03 +0000

Internet no es una red descentralizada, sino que hay organismos que administran parte de ella. IANA (Internet Assigned Numbers Authority) es un entidad administradora de esta red y que se encarga de gestionar los DNS root, la asignación de direcciones IP, los números de protocolo, los números de sistemas autónomos. Los DNS root Servers (13 en todo en mundo) son los encargados de descifrar la parte derecha de las URL (.com, .es, etc) y redirigir la petición a los servidores encargados de cada dominio. Las direcciones IP no se pueden comprar, sino que se piden a la IANA, y es ésta la que decide si la necesitas realmente y el tamaño de la red que necesitas. Las direcciones IPv4 actualmente empiezan a escasear en parte porque son direcciones de sólo 32 bits y, además porque en sus inicios no se repartieron demasiado bien. Los números de protocolo son gestionados por la IANA juntamente con la IETF (Internet Engineering Task Force) que es otra administración sin ánimo de lucro que coordina el funcionamiento de Internet. Los sistemas autónomos (AS) son grandes dominios de Internet que pueden conectarse entre si o a Internet. Para conectarse entre si utilizan dos sistemas, Transit, en el cual pagas a otra red para tener acceso a internet, y Peering, donde dos redes intercambian tráfico de manera gratuita y beneficiosa para las dos redes.

Internet está organizada en forma de árbol por AS que se conectan entre si o con otros AS de mayor jerarquía que ellos. Existen AS de tres tipos que son Tier 1, Tier 2 y Tier 3, de mayor a menor jerarquía respectivamente. De esta manera Tier 3 y 2 son redes que necesitan estar conectadas mediante IP Transit a redes de mayor jerarquía para poder acceder a la totalidad de internet, y, en cambio, Tier 1 son aquellas que pueden conectarse con cualquier otra red sin tener que conectarse mediante Transit. Para poder enrutar todo el tráfico de Internet se utiliza el protocolo BGP que conoce y anuncia todos los prefijos de las distintas redes de Internet, y sabe como llegar hasta ellos. En el caso de Peering entre varios AS a la vez se utilizan los IXP (Internet eXchange Point) con los que se consiguen velocidades de transmisión mayores y más eficientes.

Internet fue diseñada para ser una red mucho más pequeña de lo que es hoy día, y es por eso que tiene algunos problemas. Algunos de los principios de internet eran, por ejemplo, que la red fuera lo más tonta posible y que la inteligencia estuviera en los extemos (cliente, servidor); otro principio es que las direcciones sean simples y que sirvan para identificar el nodo correspondiente y su situación topológica dentro de Internet. Otros requisitos que debe cumplir Internet son : Conexió entre las distintas redes; robustez de manera que si cae algun enlace la red siga funcionando; heterogeneidad para que la red se adapte a los niveles de tráfico sin dejar de dar servicio; de coste bajo y sencilles de conexión; etc.

Actualmente la arquitectura de Internet está fosilizada. Protocolos como IP, TCP y BGP tienen algunos problemas como que están diseñados para comunicaciones poco fiables y de baja velocidad, o que no soportan otro tipo de servicios como QoS. Aún así cambiar todos estos protocolos sería muy difícil y costoso ya que habría que cambiarlos en todos los nodos a la vez para que Internet siguiera funcionando. Otro problema actual es la falta de direcciones IP, y una solución que se ha encontrado es el NAT el cual permite conectar muchos ordenadores en una misma dirección pública mediante direcciones privadas. Este sistema es una buena solución, pero no es definitiva ya que aporta otros problemas como que impide la comunicación extremo-extremo y el P2P. Otras limitaciones a la comunicación extremo-extremo son IPSec, Firewalls y MPLS, los cuales hacen incompatibles, sobretodo, la seguridad en la red.

Para solucionar muchos de estos problemas la comunidad científica ya se está planteando la Internet del futuro, donde muchos coinciden en que la mejor solución sería reemplazar por completo la red existente por una mejor diseñada.

Latest IPv6 RFC from IETF

lokijorgenson — Thu, 23 Apr 2009 17:50:26 +0000

The Internet Engineering Task Force, the body responsible for defining most IP-related standards, has been making a concerted effort of late to promote the transition to IPv6. They have developed Best Practices, staged IPv6-only events for media profile, and developed subsequent RFCs (standards) that help make IPv6 easier to adopt.

The latest RFC to be released takes a bold step forward by leveraging the pervasiveness of social networks. RFC 5514, entitled “IPv6 over Social Networks”, has recently been released (April 1, 2009) and promises to catapult IPv6 into common use. Although an experimental RFC (as opposed to a full-fledged standard), this new work offers a breakthrough implementation.

The sole author of the RFC is Eric Vyncke of Cisco Systems (Belgium). Not always the source of network innovation, Cisco clearly has taken a lead in driving IPv6 into the public consciousness and the Internet. While as a standard it is available for all vendors to implement, it is hopeful that Cisco itself will continue to lead with some interesting new products that employ this RFC.

Like most standards, this one is a bit of a challenge to read. However, it is well worth perusing to get a sense of what is in store:

http://www.rfc-editor.org/rfc/rfc5514.txt

IPv6: What's in it for Google?

lokijorgenson — Tue, 07 Apr 2009 20:12:20 +0000

If the arrival of IPv6 can be likened to “climate change for networks”, then Google has become the corporate incarnation of “Al Gore for the Internet”. Not only does the search engine giant have an apparent interest in furthering the adoption of IPv6, but it has taken steps to make sure everyone else does too.

Last week, Google held its IPv6 Implementers conference in San Jose. It had a limited attendance, was paid for by Google, and was aimed at technical folks who had specific interest in how, less if or when, to implement IPv6. Speakers offered views from companies such as Google, Hurricane Electric, BechTel, Comcast, Cisco, Microsoft, Beijing Internet Institute, and NTT America. Our own IPv6 researcher Dr. Vilcu attended and was impressed by everything – from the people, to the content, to Google’s cafeteria food.

While the some of the usual “terrifying” stories of IPv4 depletion were being passed around (including updated predictions IANA will run out of IPv4 addresses as early as September 2010), there were more reassuring stories suggesting that the transition IPv6 is not as hard as some feared. For example, Google’s Lorenzo Colitti described their transition as relatively care-free and low cost.

On the other hand, there were disappointingly few details provided for critical how-tos such as addressing plans and network management. It was clear that IPv6 still has not reached the mainstream consciousness. On a third hand, Colitti’s demonstration of IPv6 on Android hinted at Google’s interest in mobile networking, the only real contender for “killer app” for IPv6.

The following week, Colitti appeared again at the Internet Society sponsored “Seven Stages of IPv6 Denial” panel featured at the Internet Engineering Task Force conference in San Francisco. The IETF meetings develop and advance a broad range of protocols like IPv6 – however, IPv6 has been increasingly in the spotlight 0ver the last few years. Even the attractive conference T-shirt, bearing a faux concert tour motif, was used to promote IPv6 over IPv4 (referred to as “sold out”).

Colitti shared the stage with well-known faces from Comcast, IETF, ARIN, and Ericsson, amongst others. And he repeated many of the same messages – and others such as a claim that there was a business case for IPv6 however indirect the revenue might be. The others relied on familiar themes that did not add anything new for those already in the choir.

With little or no persuasive economic impetus to transition to IPv6 (it is primarily being described as a strategic move), at least companies like Google are stepping up to give people reasons to move earlier. Spreading the knowledge seems to be their intent with the implementer’s conference. And by offering an IPv6-specific search portal, they have raised its visibility. Some companies have made similar contributions to the cause – for example, Microsoft is limiting its slick new DirectAccess capability in Windows 7 to being IPv6-only (DA offers users secure intranet access with0ut using a VPN).

[Note: On the other hand, Microsoft.com is not yet IPv6 accessible, and all indications are that home systems like XBox will not be running IPv6 any time soon.]

The general noise these days sounds like a pack of sheep milling about discussing how good the grass is over on the other side of the hill. Even as the last of the grass is being finished off where they are, few seem inclined to make the hike. What is notable th0ugh is that Google clearly has some vested interest in the pack making the move sooner than later and in an orderly fashion. It remains to be seen if it is a visionary sheep or a dapper wolf.

Or perhaps it simply wants to be there when the first early adopters arrive – as part of its goal of world domination without doing evil.

Certainly every little bit helps – but what would be really interesting is a IPv6-only Day where access to Google’s indispensable search engine is briefly cut-off for IPv4 users. Sort of a warning shot over the world’s bow….. now that would get some attention.

Links of Interest:

https://sites.google.com/site/ipv6implementors/
http://ipv6.google.com/
http://ipv6.yahoo.com/
http://ipv4depletion.com/

Istilah Telekomunikasi IETF (Internet Engineering Task Force)

standardisasi — Mon, 06 Apr 2009 04:42:50 +0000

IETF merupakan sebuah organisasi yang menjaring banyak pihak (baik itu individual ataupun organisasional) yang tertarik dalam pengembangan jaringan komputer dan Internet. Organisasi ini diatur oleh IESG (Internet Engineering Steering Group), dan diberi tugas untuk mempelajari masalah-masalah teknik yang terjadi dalam jaringan komputer dan Internet, dan kemudian mengusulkan solusi dari masalah tersebut kepada IAB (Internet Architecture Board). Pekerjaan IETF dilakukan oleh banyak kelompok kerja (disebut sebagai Working Groups) yang berkonsentrasi di satu bagian topik saja, seperti halnya keamanan, routing, dan lainnya. IETF merupakan pihak yang mempublikasikan spesifikasi yang membuat standar protokol TCP atau IP.

Yang termasuk IETF diantaranya:

Saya informasikan kepada pembaca, jika anda membeli perangkat telekomunikasi, sebaiknya yang sudah di sertifikasi atau yang sudah bersertifikat resmi dari postel, untuk menjaga agar anda tidak berurusan dengan pihak yang berwajib. Dan perangkat yang sudah di sertifikasi tentunya sudah lulus pengujian di balai uji, sehingga mutu dan kualitasnya terjamin.

Bagi semua sahabat diblogger saya mohon dukungan dan do’a restunya karena saya sedang mengikuti contest yang diselenggarakan oleh PT. Pertamina dengan keyword Kerja Keras Adalah Energi Kita, silahkan anda memberikan dukungan dengan cara memberikan komentar atau memberikan link pada artikel tulisan saya yang berjudul Kerja Keras Adalah Energi Kita, bagi yang sudah memberikan dukungan saya ucapkan banyak-banyak terima kasih.

Istilah Telekomunikasi IETF (Internet Engineering Task Force)

standardisasi — Mon, 06 Apr 2009 04:42:50 +0000

Yang termasuk IETF diantaranya:

Istilah Telekomunikasi IETF (Internet Engineering Task Force)

agustomo — Mon, 06 Apr 2009 04:42:50 +0000

Yang termasuk IETF diantaranya:

Istilah Telekomunikasi IETF (Internet Engineering Task Force)

agustomo — Mon, 06 Apr 2009 04:42:50 +0000

Yang termasuk IETF diantaranya:

Google CADIE, Google Gulp, and April 1st RFCs

oregniappe — Wed, 01 Apr 2009 22:40:47 +0000

By now, inquisitive Google users will have taken a look at CADIE and maybe even read about CADIE for a bit before remembering earlier Google April 1st announcements like Google Gulp (BETA)™ with Auto-Drink™ (LIMITED RELEASE). or its PigeonRank™ announcement from 2002.

Google’s hoaxes are high-profile continuations of an Internet tradition that dates back to at least 30 years, when the Internet Engineering Task Force published RFC 748, entitled “Telnet Randomly-Lose Option”; PigeonRank harkens back specifically to RFC 1149 (A Standard for the Transmission of IP Datagrams on Avian Carriers).

74TH INTERNET ENGINEERING TASK FORCE MEETING GATHERS MORE THAN 1150 NETWORKING THOUGHT LEADERS

turiya — Mon, 30 Mar 2009 17:17:09 +0000

San Francisco, USA–March 31, 2009–The Internet Engineering Task Force (IETF), the Internet’s premier technical standards body, last week gathered more than 1150 Internet thought leaders at its meeting in San Francisco. Many IETF working groups, where technical work in areas critical to the development of the Internet–including routing, transport and security–met in conjunction with the IETF meeting. Pradeep Sindhu, CTO and founder of official meeting host Juniper Networks, spoke to the IETF on “Clouds – The New Information Infrastructure.”

Several groups with key roles in the technical evolution of the Internet announced new leadership at the meeting.

Joel Halpern, Chair of the IETF Nominating Committee, said, “We are extremely pleased with the excellent incoming candidates from the many qualified community members who offered to serve. They demonstrate the community-driven approach that shapes the IETF and will build on the excellent work of past leaders.”

The IETF confirmed appointments for the Internet Engineering Steering Group (IESG), which provides the final technical review of Internet standards and is responsible for day-to-day management of the IETF. The confirmed IESG members include:

* IETF Chair: Russ Housley
* Applications Area Director: Alexey Melnikov
* Internet Area Director: Ralph Droms
* Operations and Management Area Director: Ron Bonica
* Real-time Applications Infrastructure Area Director: Robert Sparks
* Routing Area Director: Adrian Farrel
* Security Area Director: Tim Polk
* Transport Area Director: Lars Eggert

Members of the Internet Architecture Board (IAB) were also announced at the IETF meeting. IAB responsibilities include architectural oversight of IETF activities, and Internet Standards Process oversight and appeal. Incoming members of the IAB are:

* Marcelo Bagnulo
* Vijay Gill
* John Klensin
* Jon Peterson
* Danny McPherson (incumbent)
* Dave Thaler (incumbent)

Olaf Kolkman was reappointed as the Chair and Dow Street was reappointed as the Executive Director of the IAB. Aaron Falk was reappointed as chair of the Internet Research Task Force (IRTF), which promotes research of importance to the evolution of the future Internet by creating focused, long-term Research Groups working on topics related to Internet protocols, applications, architecture and technology.

The next meeting of the Internet Engineering Task Force, IETF 75, will be held 26-31 July 2009 in Stockholm, Sweden. Registration for IETF 75 will open in April.

About the IETF

The Internet Engineering Task Force (IETF) is a large open international community of network designers, operators, vendors, and researchers concerned with the evolution of the Internet architecture and the smooth operation of the Internet. It is open to any interested individual. More information is available on the IETF website: http://www.ietf.org

About the IAB

The Internet Architecture Board (IAB) is a committee of the Internet Engineering Task Force (IETF) and an advisory body of the Internet Society (ISOC). Its responsibilities include architectural oversight of IETF activities, Internet Standards Process oversight and appeal, and the appointment of the RFC Editor. The IAB is also responsible for the management of the IETF protocol parameter registries. For more information about the IAB, see: http://www.iab.org

About the Internet Society

The Internet Society is a non-profit organization founded in 1992 to provide leadership in Internet related standards, education, and policy. With offices in Washington, DC, and Geneva, Switzerland, it is dedicated to ensuring the open development, evolution, and use of the Internet for the benefit of people throughout the world. More information is available at: http://www.isoc.org

CommunityDNS News Bits, Friday March 27, 2009.

CommunityDNS — Fri, 27 Mar 2009 22:20:53 +0000

Leaked memo says Conficker pwns Parliament

Much has been written about the latest version of the Conficker virus to kick-off on April 1. However, the virus could kick-off prior to or after April 1. Case in point, the systems for the UK’s House of Commons was hit by the virus earlier this week.

Click here for more information.

Users spurn latest Adobe PDF patches, says researcher

While effort has made by end users and organizations to patch vulnerabilities in Internet Explorer, little progress has been made in patching vulnerabilities identified in Adobe Reader.

Adobe Reader, a free application used to read PDF documents, is pervasive in that it is found in the PC, MAC and Unix environments. While hackers have been taking advantage of the vulnerabilities for the last three months, only a small percentage of installed Adobe Readers have downloaded the needed patches.

Click here for more information.

Cisco patch bundle lances multiple DoS flaws

Security updates have been released to fix several flaws in its core IOS networking software. The updates, which would allow hackers to crash kits such as VoIP systems, remote access and routers running the IOS networking software. To be specific the updates address a number of vulnerabilities tied to TCP, UDP, mobile and VPN. One vulnerability also allows a normal user to gain administrative status. The vulnerabilities, however, do not allow a hacker to inject code.

Click here for more information.

Some Thoughts on ICANN’s Next CEO

Elliot Noss, CEO of TuCows, shares his views on three essential qualities of ICANN’s next CEO.

Click here for more information.

IETF to explore new routing technique

Companies that split their network traffic over multiple carriers, know as “multihoming”, are creating scalability issues in the Internet’s routing system.

Cisco has proposed engineering a new tunneling mechanism to be used by the internet’s edge and core routers. “LISP” (Locator/Identifier Separation Protocol) would reduce the number of entries in routing tables stored in core routers that are operated by ISPs.

Click here for more information.

Report: IT not scrimping on security during recession

While most disciplines in most industry sectors have been hit by the current economic climate, IT security does not appear to be among them. Whether based on existing term contracts, or realizing the importance of security in IT, sales in this market remain up.

Click here for more information.