Talk:Challenges and uptake of modern Internet standards (including, but not limited to IPv6, DNSSEC, HTTPS, RPKI) – WS 11 2020: Difference between revisions

Welcome to the information page for WS 11 2020 preparation.

This page includes:

• Dates for virtual meetings or coordination calls;
• Short summary of calls or email exchange;
• Other relevant preparation or temporary information.

Org Team meetings

Meeting 1

Date/time: 2020-04-23 13:00 CEST (UTC+02)
Location: Virtual
Summary:

• Org Team kick off meeting;
• Focus on existing internet standards that have been around for some time; generally considered uncontroversial;
• Possible structure of the session:
  1. Explore the reasons why these standards are not as widely accepted and deployed as they should be, considering their non-controversial nature;
  2. Propose possible solutions for these challenges;
  3. Look into the success-cases (e.g. HTTPS).
• Consider challenges within the ecosystem and beyond internet infrastructure: e.g. "last mile";
• Possible angle for the challenges discussion: Business cases v end-users' demand;
• Gather concrete data and statistics on deployment of standards (IPv6, DNSSEC) for an evidence-based discussion.

Meeting 2

Date/time: 2020-05-20 13:00 CEST (UTC+02)
Location: Virtual
Summary:

• Approval of final title;
• Approval of final teaser;
• Discussion on detailed description;
• Discussion on Key Participants;
• Other issues.

Meeting 3

Date/time: 2020-06-05 13:00 CEST (UTC+02)
Location: Virtual
Summary:

• Final meeting before the event;
• This session is the first to include Key Participants;
• Decisions on format and moderator;
• Discussion on standards, case studies, tools, slides, live polling, session description, etc. Further improvements will be done via the mailing list;
• Presented technical information on the session software and event specifics (same as the prep calls organised by the secretariat);
• Consensus: In-person event, thought not viable, would be best, both for discussion and for the very missed food :)
• Other issues.

Additional information

• Mails
  • APNIC - This mail has been merged in the "Further Reading" section but the explanation here is more detailed:
    • IPv6 - large scale measurements of IPv6 uptake starting in late 2011 up to today - stats on a global basis (https://stats.labs.apnic.net/ipv6/XA, per region (https://stats.labs.apnic.net/ipv6/XE), per country (https://stats.labs.apnic.net/ipv6/GB) or per provider (https://stats.labs.apnic.net/ipv6/AS5607?c=GB&p=1&v=1&w=1&x=1)
    • Also a set of stats on the relative performance of IPv6 compared to IPv4 (https://stats.labs.apnic.net/v6perf/XE, again with regional / country / ISP splits. I look at connection loss rates (the Ukraine has a problem!) as well as relative RTTs.
    • DNSSEC is reported in a similar way - I report on both validating (ALL the resolvers you use perform DNSSEC validation and refuse to answer if the DNS result has a bad signature) and “mixed” where some of the resolvers you use perform validation, but some do not - the end result is that you are lead to a badly signed name anyway! (https://stats.labs.apnic.net/DNSSEC/XE, again with region, country, ISP splits - data since 2013). Sweden - big on DNSSEC, lousy on Ipv6!
    • We looked at support for ECDSA in DNSSEC, but stopped when it was clear that support for this crypto protocol was as widespread as RSA (https://www.potaroo.net/ispcol/2018-08/ecdsafin.html_
    • HTTTPS - we tried to measure the number of end points that refused to connect on HTTPS and it turned out that it was basically impossible to find anyone! Now I suspect a certain amount of measurement bias, in that the ad is a browser-based service and a browser without HTTPS is probably defunct, but the bottom line is the same - every browser we see these days is capable of TLS and can (and does) do HTTPS
    • RPKI - work in progress - we have set up the rig and started an ad based on ROV measurement - reports are still in progress
    • IPv6 - large scale measurements of IPv6 uptake starting in late 2011 up to today - stats on a global basis (https://stats.labs.apnic.net/ipv6/XA, per region (https://stats.labs.apnic.net/ipv6/XE), per country (https://stats.labs.apnic.net/ipv6/GB) or per provider (https://stats.labs.apnic.net/ipv6/AS5607?c=GB&p=1&v=1&w=1&x=1)
    • Also a set of stats on the relative performance of IPv6 compared to IPv4 (https://stats.labs.apnic.net/v6perf/XE, again with regional / country / ISP splits. I look at connection loss rates (the Ukraine has a problem!) as well as relative RTTs.
    • DNSSEC is reported in a similar way - I report on both validating (ALL the resolvers you use perform DNSSEC validation and refuse to answer if the DNS result has a bad signature) and “mixed” where some of the resolvers you use perform validation, but some do not - the end result is that you are lead to a badly signed name anyway! (https://stats.labs.apnic.net/DNSSEC/XE, again with region, country, ISP splits - data since 2013). Sweden - big on DNSSEC, lousy on Ipv6!
    • We looked at support for ECDSA in DNSSEC, but stopped when it was clear that support for this crypto protocol was as widespread as RSA (https://www.potaroo.net/ispcol/2018-08/ecdsafin.html_