Internet Protocol

Internet Protocol / Featured Blogs

The IETF Evolution

The Internet Engineering Task Force (IETF) is a collaborative body that has developed internetworking specifications for more than five decades, successfully shaping the global marketplace of digital network equipment and services. Beginning as a kind of distributed think tank among network researchers in 1969, it evolved to become one of the world's most influential standards bodies. more

Transport vs. Network

One of the basic tools in network design is the so-called "stacked" protocol model. This model was developed in the late 1970s as part of a broader effort to develop general standards and methods of networking. In 1983, the efforts of the CCITT and ISO were merged to form The Basic Reference Model for Open Systems Interconnection, usually referred to as the Open Systems Interconnection Reference Model or the "OSI model." more

The Insecurity of Ambiguous Standards

Why are networks so insecure? One reason is we don't take network security seriously. We just don't think of the network as a serious target of attack. Or we think of security as a problem "over there," something that exists in the application realm, that needs to be solved by application developers. Or we think the consequences of a network security breach as "well, they can DDoS us, and then we can figure out how to move load around, so if we build with resilience (enough redundancy)... more

The WiFi 6 Revolution

We're edging closer every day to seeing WiFi 6 in our homes. WiFi 6 will be bolstered by the newly approved 6 GHz frequency, and the combination of WiFi 6 and 6 GHz spectrum is going to revolutionize home broadband. I don't think many people understand how many of our home broadband woes are caused by current WiFi technology. WiFi has been an awesome technology that freed our homes from long category 5 wires everywhere, but WiFi has a basic flaw that became apparent when homeowners started to buy hordes of WiFi-enabled devices.  more

Notes from the DNS Privacy Workshop at NDSS 2021

For many years the consuming topic in DNS circles was that of the names themselves. If you wind the clock back twenty years or so, you will find much discussion about the nature of the Internet's namespace. Why were there both generic top-level labels and two-letter country codes? If we were going to persist with these extra-territorial generic country codes in the namespace, then how many should there be? Who could or should manage them? And so on. more

Help Recognize Internet Pioneers and Heroes – Nominations Open for 2021 Internet Hall of Fame

Do you know someone who deserves recognition for launching the Internet in their region or country? Or someone who made some major technical innovation that made the Internet faster or better? Or someone who is a passionate advocate who influenced other people to make the Internet better? Can you think of someone who helped the Internet reach new people? For example, in a new region or language? Do you know someone who made the Internet more inclusive and accessible to more people? more

Notes from NANOG 81

As the pandemic continues, the network operator community continues to meet online. NANOG held its 81st meeting on February 8 and 9, and these are my notes from some of the presentations at that meeting... Ethernet, developed in 1973 at Xerox PARC, was a revolutionary step in network architectures in many ways. The common bus architecture imposed several constraints on the network that have echoed through the ensuing four decades in all kinds of ways. more

Information Protection for the Domain Name System: Encryption and Minimization

In previous posts in this series, I've discussed a number of applications of cryptography to the DNS, many of them related to the Domain Name System Security Extensions (DNSSEC). In this final blog post, I'll turn attention to another application that may appear at first to be the most natural, though as it turns out, may not always be the most necessary: DNS encryption. (I've also written about DNS encryption as well as minimization in a separate post on DNS information protection.) more

Cryptographic Tools for Non-Existence in the Domain Name System: NSEC and NSEC3

In my previous post, I described the first broad scale deployment of cryptography in the DNS, known as the Domain Name System Security Extensions (DNSSEC). I described how a name server can enable a requester to validate the correctness of a "positive" response to a query -- when a queried domain name exists -- by adding a digital signature to the DNS response returned. more

An Open Letter to Big Tech CFOs: Save the Internet Before You’re Forced

Dear Chief Financial Officers of tech giants, the internet is in crisis, and you can lead your organization to help solve the problem. You'll be well compensated, and you'll enjoy massive public relations benefits. I fear that if you don't, global governments will force your hand. There is a shortage of available IPv4 addresses but we are years away (possibly a decade or more) from IPv6 viability and adoption in North America. more