Talk:Challenges and uptake of modern Internet standards (including, but not limited to IPv6, DNSSEC, HTTPS, RPKI) – WS 11 2020: Difference between revisions
Jump to navigation
Jump to search
(Updated Meeting 3 info) |
|||
Line 47: | Line 47: | ||
== Additional information == | == Additional information == | ||
* | * Mails | ||
** APNIC - This mail has been merged in the "Further Reading" section but the explanation here is more detailed: | |||
*** IPv6 - large scale measurements of IPv6 uptake starting in late 2011 up to today - stats on a global basis (https://stats.labs.apnic.net/ipv6/XA, per region (https://stats.labs.apnic.net/ipv6/XE), per country (https://stats.labs.apnic.net/ipv6/GB) or per provider (https://stats.labs.apnic.net/ipv6/AS5607?c=GB&p=1&v=1&w=1&x=1) | |||
*** Also a set of stats on the relative performance of IPv6 compared to IPv4 (https://stats.labs.apnic.net/v6perf/XE, again with regional / country / ISP splits. I look at connection loss rates (the Ukraine has a problem!) as well as relative RTTs. | |||
*** DNSSEC is reported in a similar way - I report on both validating (ALL the resolvers you use perform DNSSEC validation and refuse to answer if the DNS result has a bad signature) and “mixed” where some of the resolvers you use perform validation, but some do not - the end result is that you are lead to a badly signed name anyway! (https://stats.labs.apnic.net/DNSSEC/XE, again with region, country, ISP splits - data since 2013). Sweden - big on DNSSEC, lousy on Ipv6! | |||
*** We looked at support for ECDSA in DNSSEC, but stopped when it was clear that support for this crypto protocol was as widespread as RSA (https://www.potaroo.net/ispcol/2018-08/ecdsafin.html_ | |||
*** HTTTPS - we tried to measure the number of end points that refused to connect on HTTPS and it turned out that it was basically impossible to find anyone! Now I suspect a certain amount of measurement bias, in that the ad is a browser-based service and a browser without HTTPS is probably defunct, but the bottom line is the same - every browser we see these days is capable of TLS and can (and does) do HTTPS | |||
*** RPKI - work in progress - we have set up the rig and started an ad based on ROV measurement - reports are still in progress | |||
*** IPv6 - large scale measurements of IPv6 uptake starting in late 2011 up to today - stats on a global basis (https://stats.labs.apnic.net/ipv6/XA, per region (https://stats.labs.apnic.net/ipv6/XE), per country (https://stats.labs.apnic.net/ipv6/GB) or per provider (https://stats.labs.apnic.net/ipv6/AS5607?c=GB&p=1&v=1&w=1&x=1) | |||
*** Also a set of stats on the relative performance of IPv6 compared to IPv4 (https://stats.labs.apnic.net/v6perf/XE, again with regional / country / ISP splits. I look at connection loss rates (the Ukraine has a problem!) as well as relative RTTs. | |||
*** DNSSEC is reported in a similar way - I report on both validating (ALL the resolvers you use perform DNSSEC validation and refuse to answer if the DNS result has a bad signature) and “mixed” where some of the resolvers you use perform validation, but some do not - the end result is that you are lead to a badly signed name anyway! (https://stats.labs.apnic.net/DNSSEC/XE, again with region, country, ISP splits - data since 2013). Sweden - big on DNSSEC, lousy on Ipv6! | |||
*** We looked at support for ECDSA in DNSSEC, but stopped when it was clear that support for this crypto protocol was as widespread as RSA (https://www.potaroo.net/ispcol/2018-08/ecdsafin.html_ |
Revision as of 06:33, 12 June 2020
Welcome to the information page for WS 11 2020 preparation.
This page includes:
- Dates for virtual meetings or coordination calls;
- Short summary of calls or email exchange;
- Other relevant preparation or temporary information.
Org Team meetings
Meeting 1
Date/time: 2020-04-23 13:00 CEST (UTC+02)
Location: Virtual
Summary:
- Org Team kick off meeting;
- Focus on existing internet standards that have been around for some time; generally considered uncontroversial;
- Possible structure of the session:
- Explore the reasons why these standards are not as widely accepted and deployed as they should be, considering their non-controversial nature;
- Propose possible solutions for these challenges;
- Look into the success-cases (e.g. HTTPS).
- Consider challenges within the ecosystem and beyond internet infrastructure: e.g. "last mile";
- Possible angle for the challenges discussion: Business cases v end-users' demand;
- Gather concrete data and statistics on deployment of standards (IPv6, DNSSEC) for an evidence-based discussion.
Meeting 2
Date/time: 2020-05-20 13:00 CEST (UTC+02)
Location: Virtual
Summary:
- Approval of final title;
- Approval of final teaser;
- Discussion on detailed description;
- Discussion on Key Participants;
- Other issues.
Meeting 3
Date/time: 2020-06-05 13:00 CEST (UTC+02)
Location: Virtual
Summary:
- Final meeting before the event;
- This session is the first to include Key Participants;
- Decisions on format and moderator;
- Discussion on standards, case studies, tools, slides, live polling, session description, etc. Further improvements will be done via the mailing list;
- Presented technical information on the session software and event specifics (same as the prep calls organised by the secretariat);
- Consensus: In-person event, thought not viable, would be best, both for discussion and for the very missed food :)
- Other issues.
Additional information
- Mails
- APNIC - This mail has been merged in the "Further Reading" section but the explanation here is more detailed:
- IPv6 - large scale measurements of IPv6 uptake starting in late 2011 up to today - stats on a global basis (https://stats.labs.apnic.net/ipv6/XA, per region (https://stats.labs.apnic.net/ipv6/XE), per country (https://stats.labs.apnic.net/ipv6/GB) or per provider (https://stats.labs.apnic.net/ipv6/AS5607?c=GB&p=1&v=1&w=1&x=1)
- Also a set of stats on the relative performance of IPv6 compared to IPv4 (https://stats.labs.apnic.net/v6perf/XE, again with regional / country / ISP splits. I look at connection loss rates (the Ukraine has a problem!) as well as relative RTTs.
- DNSSEC is reported in a similar way - I report on both validating (ALL the resolvers you use perform DNSSEC validation and refuse to answer if the DNS result has a bad signature) and “mixed” where some of the resolvers you use perform validation, but some do not - the end result is that you are lead to a badly signed name anyway! (https://stats.labs.apnic.net/DNSSEC/XE, again with region, country, ISP splits - data since 2013). Sweden - big on DNSSEC, lousy on Ipv6!
- We looked at support for ECDSA in DNSSEC, but stopped when it was clear that support for this crypto protocol was as widespread as RSA (https://www.potaroo.net/ispcol/2018-08/ecdsafin.html_
- HTTTPS - we tried to measure the number of end points that refused to connect on HTTPS and it turned out that it was basically impossible to find anyone! Now I suspect a certain amount of measurement bias, in that the ad is a browser-based service and a browser without HTTPS is probably defunct, but the bottom line is the same - every browser we see these days is capable of TLS and can (and does) do HTTPS
- RPKI - work in progress - we have set up the rig and started an ad based on ROV measurement - reports are still in progress
- IPv6 - large scale measurements of IPv6 uptake starting in late 2011 up to today - stats on a global basis (https://stats.labs.apnic.net/ipv6/XA, per region (https://stats.labs.apnic.net/ipv6/XE), per country (https://stats.labs.apnic.net/ipv6/GB) or per provider (https://stats.labs.apnic.net/ipv6/AS5607?c=GB&p=1&v=1&w=1&x=1)
- Also a set of stats on the relative performance of IPv6 compared to IPv4 (https://stats.labs.apnic.net/v6perf/XE, again with regional / country / ISP splits. I look at connection loss rates (the Ukraine has a problem!) as well as relative RTTs.
- DNSSEC is reported in a similar way - I report on both validating (ALL the resolvers you use perform DNSSEC validation and refuse to answer if the DNS result has a bad signature) and “mixed” where some of the resolvers you use perform validation, but some do not - the end result is that you are lead to a badly signed name anyway! (https://stats.labs.apnic.net/DNSSEC/XE, again with region, country, ISP splits - data since 2013). Sweden - big on DNSSEC, lousy on Ipv6!
- We looked at support for ECDSA in DNSSEC, but stopped when it was clear that support for this crypto protocol was as widespread as RSA (https://www.potaroo.net/ispcol/2018-08/ecdsafin.html_
- APNIC - This mail has been merged in the "Further Reading" section but the explanation here is more detailed: