ion santiago: what's happening at the ietf? internet standards and how to get involved (alvaro...

Cisco Confidential 1 © 2011 Cisco and/or its affiliates. All rights reserved. Alvaro Retana ([email protected] ) Distinguished Engineer, Cisco Systems, Inc. Chair IETF-LAC Task Force, LACNOG

Upload: deploy360-programme-internet-society

Post on 05-Dec-2014


DESCRIPTION

Presentation given by Alvaro Retana at ION Santiago in Chile on 28 October 2014. What’s happening at the Internet Engineering Task Force (IETF)? What RFCs and Internet-Drafts are in progress related to IPv6, DNSSEC, Routing Security/Resiliency, and other key topics? We’ll give an overview of the ongoing discussions in several working groups and discuss the outcomes of recent Birds-of-a-Feather (BoF) sessions, and provide a preview of what to expect in future discussions, including bringing the IETF to Latin America in 2016.

TRANSCRIPT

Page 1: ION Santiago: What's Happening at the IETF? Internet Standards and How to Get Involved (Alvaro Retana)

Page 2:

• General Area (gen): ...activities focused on supporting, updating and maintaining the IETF standards development process.

• Applications (app): ubiquitous application protocols (e.g., email, HTTP, FTP) and protocols used for Internet infrastructure.

• Internet (int): ...IP layer (both IPv4 and IPv6), DNS, mobility, VPNs and pseudowires..., and various link layer technologies.

• Operations & Management (ops): Network Management, AAA, and various operational issues facing the Internet such as DNS operations, IPv6 operations, operational security and Routing operations.

• Real-time Applications and Infrastructure (rai): ...develops protocols and architectures for delay-sensitive interpersonal communications...

• Routing (rtg): ...responsible for ensuring continuous operation of the Internet routing system...

• Security (sec): ...focused on security protocols...services: integrity, authentication, non-repudiation, confidentiality, and access control...key management is also vital.

• Transport Services (tsv): ...works on mechanisms related to end-to-end data transport...

Page 3:

http://www.arkko.com/tools/allstats/areawgdistr.html

Page 4:

http://www.arkko.com/tools/stats/areadistr.html

Page 5:

•  Routing Resiliency

•  Domain Name System Security

•  IPv6 Deployment

Technical Plenary (IAB Programs): IP Stack Evolution; Privacy and Security

ISOC@IETF91 Briefing Panel: Is Identity an Internet Building Block? (ISOC CITO Olaf Kolkman)

Page 6:

• Related WGs
  - dnsop (DNS Operations) WG
  - dane (DNS-based Authentication of Named Entities) WG
  - dnssd (Extensions for Scalable DNS Service Discovery) WG
  - dprive (DNS Private Exchange)

• Reading List
  - DNS Security Introduction and Requirements (rfc4033)
  - DNSSEC Operational Practices, Version 2 (rfc6781)
  - DNSSEC Roadblock Avoidance (draft-ietf-dnsop-dnssec-roadblock-avoidance)
  - Use Cases and Requirements for DNS-Based Authentication of Named Entities (rfc6394)
  - The DNS-Based Authentication of Named Entities (DANE) Transport Layer Security (TLS) Protocol: TLSA (rfc6698)
  - Updates to and Operational Guidance for the DANE Protocol (draft-ietf-dane-ops)
  - DNS privacy considerations (draft-ietf-dprive-problem-statement)

Page 7:

[Diagram labels: Origin AS, AS x, Hijacker AS; both Origin AS and Hijacker AS are labelled 10.0.0.0/22]

Six worst Internet routing attacks: http://www.networkworld.com/news/2009/011509-bgp-attacks.html

Page 8:

http://tools.ietf.org/html/draft-fmejia-opsec-origin-a-country / http://rpki.surfnet.nl/perrir.html

Page 9:

• Related WGs
  - sidr (Secure Inter-Domain Routing) WG
  - grow (Global Routing Operations) WG
  - idr (Inter-Domain Routing) WG
  - opsec (Operational Security) WG

• Reading List
  - An Infrastructure to Support Secure Internet Routing (rfc6480)
  - The Resource Public Key Infrastructure (RPKI) to Router Protocol (rfc6810)
  - BGP Prefix Origin Validation (rfc6811)
  - An Overview of BGPSEC (draft-ietf-sidr-bgpsec-overview)
  - Route-Leaks & MITM Attacks Against BGPSEC (draft-ietf-grow-simple-leak-attack-bgpsec-no-help)
  - BGP operations and security (draft-ietf-opsec-bgp-security)

Page 10:

http://www.potaroo.net/tools/ipv4/

Page 11:

Page 12:

• Related WGs
  - v6ops (IPv6 Operations) WG
  - 6man (IPv6 Maintenance) WG
  - dhc (Dynamic Host Configuration) WG
  - sunset4 (Sunsetting IPv4) WG
  - homenet (Home Networking) WG
  - spring (Source Packet Routing in Networking) WG

• Reading List
  - Happy Eyeballs: Success with Dual-Stack Hosts (rfc6555)
  - IPv6 Guidance for Internet Content Providers and Application Service Providers (rfc6883)
  - Enterprise IPv6 Deployment Guidelines (rfc7381)
  - IPv6 Home Networking Architecture Principles (rfc7368)
  - IPv6 SPRING Use Cases (draft-ietf-spring-ipv6-use-cases)

Page 13:

• New WGs (from IETF 90 BoFs)
  - Planning for the IANA/NTIA Transition (ianaplan): “…produce an IETF consensus document that describes the expected interaction between the IETF and the operator of IETF protocol parameters registries.”
  - TCP Increased Security (tcpinc): “…develop the TCP extensions to provide unauthenticated encryption and integrity protection of TCP streams.”
  - Transport Services (taps): “…help application and network stack programmers by describing an (abstract) interface for applications to make use of Transport Services.”
  - Autonomic Networking Integrated Model and Approach (anima): “…refers to the self-managing characteristics (configuration, protection, healing, and optimization) of distributed network elements, adapting to unpredictable changes while hiding intrinsic complexity from operators and users.”
  - Delay Tolerant Networking (dtn): “…specifies mechanisms for data communications in the presence of long delays and/or intermittent connectivity.”

Page 14:

• Approved BoFs for IETF 91
  - Archive Top Level Media Type (arcmedia): “…discuss registering a top level media type for file archives, i.e., formats that package files and file metadata into a single data stream.”
  - Deterministic Networking (detnet): “…work in conjunction with the IEEE802.1TSN Task Group and specify how to get QoS features into routers and how new and/or existing control protocols can be used…”
  - Bit Indexed Explicit Replication (bier): “…discuss a new architecture for the forwarding of multicast data packets.”
  - Abstraction and Control of Transport Networks (ACTN): “…facilitate centralized operation and construction of virtual networks based on multi-subnet, multi-technology, multi-vendor domain networks.”
  - Interface to Network Security Functions (I2NSF): “…discuss interfaces for clients (especially enterprises) to request, negotiate, operate, and/or verify the network security functions that are not physically present at requesters’ premises.”
  - Layer Independent OAM Management in the Multi-Layer Environment (lime) WG: “…concentrate on the operational challenges in consistent handling of end-to-end OAM and coordination of OAM within underlying network layers.”

Page 15:

•  Join a mailing list..

•  ..start contributing!!

Monitor

List Participation

Authorship

Meeting Attendance

Leadership Position

Page 16:

Page 17:

Recent Meetings

•  86th IETF March 10-15, 2013 Orlando, FL, USA

•  89th IETF March 2-7, 2014 London, England

•  90th IETF July 20-25, 2014 Toronto, ON, Canada

Upcoming Meetings

•  91st IETF November 9-14, 2014 Honolulu, HI, USA

•  92nd IETF March 22-27, 2015 Dallas, TX, USA

•  93rd IETF July 19-24, 2015 Prague, Czech Republic

Page 18:

Page 19:

• LACNOG created the IETF LAC Task Force in May 2013 with the goal of encouraging people from the region to participate in IETF discussions and processes.

• Some of the goals are:
  - To be a mechanism for introducing new people to the IETF
  - To facilitate the discussion of ideas in the local language (Spanish, Portuguese, English)
  - To provide a place where Latin American authors can share their drafts and receive comments from their colleagues
  http://mail.lacnic.net/mailman/listinfo/ietf-lac

Page 20:

• [email protected]: ~200 people subscribed to the list

• Pre-IETF Meetings: Organized before the most recent IETF meetings. First Pre-IETF Workshop (CSBC 2014 / http://iwpietf.lacnog.org/)

• Education and Evangelism: Presentations at regional conferences: Semana da Infraestructura in Brazil, Cisco Live (Mexico), etc. Internet Engineering Argentina 2014 and LANC 2014.

• Document Publication: At least 5 documents published in the IETF...

Page 21:

• Local Meetings: Replicate the Pre-IETF format, with topics of local interest. Plan in parallel with operator meetings or other interested groups.

• Local Working Groups: Focus on problems common to the community.

• Mentoring Program: To lead discussions and guide the work of local Working Groups through to publication. To guide and collaborate with new participants on specific topics.

• Fellowships to participate in the IETF. Open up opportunities specific to the IETF.

• Identify organizations interested in collaborating. Fellowships, sponsorship of working groups, education and evangelism.

Page 22:

• Idea: a "remote hub" for participating in the next IETF: a group of local people participating in a specific working group without having to travel to the meeting.

• Preparatory Work: Technical Update / Process Review. Sessions in Spanish and Portuguese (~100 attendees!)

• Working Group: Source Packet Routing in Networking (spring) is ideal because Segment Routing seems to be of general interest and we can ask for it to be scheduled at a "convenient" time.

• We have already started the process in Brazil, Chile, Mexico, Uruguay, Argentina and Venezuela.

Page 23:

• Subscribe to the ietf-lac list. http://mail.lacnic.net/mailman/listinfo/ietf-lac

• Participate in the "remote hubs".

• Subscribe to the mailing lists: that is where the work gets done. Read (and understand) before writing.

• Read the drafts and contribute

• Don't be shy (but don't overdo it either)

• Talk to people

• Look for common ground

Page 24:

Thank you very much!