Service Desk 0300 300 2212

Shaping the Internet of the Future

For those that don't know what it is, the Internet Engineering Task Force (IETF) is the Standards Development Organisation (SDO) that deals with the protocols used on the Internet. It is responsible for the standardisation of IP, IPv6, multicast, SIP, SMTP (email), XMPP (instant messaging), DNS, NTP, DHCP, and so on.

Its first meeting was held in San Diego in January, 1986, with 21 attendees -- all from the US. The most recent meeting, the seventy-fifth, was held in the last week of July in Stockholm and attracted almost 1,100 attendees from 50 countries (this is substantially down from the biggest ever meeting which had 2,800 attendees in 2000).

With half a dozen parallel sessions most of the time, it is impossible to cover all that was going on, but here are a couple of highlights.

As the meeting was hosted by .SE, the registry for Sweden's Top Level Domain (TLD), and .SE was the first TLD to sign their DNS zone with secure DNS (DNSSEC), DNSSEC was a major topic at the meeting. DNSSEC has been in development for over ten years and aims to give users a way to ensure the results returned by a DNS query are what the owner of a name intended. So, for example, a local DNS resolver could check that the result from a query for 'www.ja.net' did indeed map to what the owner of 'ja.net' wanted. In turn, you could check that 'ja.net' is the correct owner according to the records held in '.net' and that '.net' is answering correctly according to the root zone.

Now that the protocol is sufficiently well developed for widescale adoption, signing the root zone has been a deployment hurdle. ICANN had previously announced that they are hoping this will be done by the end of 2009, but announced at this meeting that '.net' should be signed by the end of 2010 and '.com' early in 2011 with all the appropriate hooks in place for users of those zones to register the secure DNS 'keys' for their own zones.

Popular DNS software, such as BIND, already supports DNSSEC, but there will be major enhancements in future versions to make it easier to administer, and also launched at the meeting was http://www.opendnssec.org/, a system to make signing zones easier.

As the free pool of IPv4 addresses continues to dwindle and people are still reluctant to deploy IPv6, more transition techniques are being discussed. Most of these are based around some form of NAT or other, either large-scale IPv4 NATs to hide more and more users behind fewer and fewer addresses, or NATs that translate between IPv4 and IPv6.

Elsewhere in the meeting work is being done to secure routing announcements in an attempt to prevent a recurrence of a similar event to the accidental hijack of YouTube by Pakistan ISPs earlier in the year (and many others before that). Further ahead, other working groups and research groups are looking at separating locators ("where are you?") and identifiers ("who are you?"), both of which are properties of an IP address in the current Internet, in an attempt to make the Internet routing scale with increased multihoming and mobility in the future.

Much of the work of the IETF happens on mailing lists, but the next meeting of all working groups, the seventy-sixth meeting, will he held in Hiroshima in November.

 

 

 

 

Privacy Policy | Web Admin
JANET(UK), Lumen House, Library Avenue
Harwell Oxford, Didcot, Oxfordshire
OX11 0SG

 

"));