When I joined the staff of the Internet Society back in late September, the project I joined was charged with looking at questions like that and developing a means to promote online resources that would help speed up the usage of IPv6 and DNSSEC.
Yesterday, after a long 3 months of hard work, we formally announced what we are now calling the "Internet Society Deploy360 Programme" located at:
http://www.internetsociety.org/deploy360/
On that site, you will find real-world deployment information about how to get started with both technologies. Case studies, how-to documents, links to other sites, and much, much more...
THIS LAUNCH IS JUST THE BEGINNING!
The site is certainly incomplete... we wanted to get the site out there and now my task over the months ahead is to fill the site up with answers to questions and pointers to new information.
We're not looking to add ALL the information found on the web about IPv6 and DNSSEC, but rather the best information we can find.
And where we can't find information that answers specific questions, we'll be creating new materials either directly ourselves or with partners. As an example, I'm working right now on some tutorials about how to add DNSSEC support into Firefox, and how to configure DNSSEC for your domain at a couple of different registrars.
And let me tell you, it is EXTREMELY clear to me now that this program(me) is definitely needed, as many parts of both DNSSEC and IPv6 are in desperate need of geek-to-common-language translation! Just sorting through some of the steps myself, it's very clear that there's a good bit of pain that needs to be taken away...
To that end, we will be constantly adding new material and resources as we both find and create new content - both in text, video and other forms.
Our goal is also to help foster the conversation around these topics, and so we'll have a constant stream of blog posts and will, of course, be engaging via many forms of social media. You can be part of what we are doing by:
and I would definitely encourage you to join us on as many of those channels as you use. We're also actively seeking volunteers to assist us and have been rather humbled and pleased by the great amount of interest and support we've already seen.
I'm excited to get this project out there... and am looking forward to the months ahead as we build the momentum to help get both IPv6 and DNSSEC more widely deployed!
Please do take a look around the Deploy360 site. I'd love to hear any feedback or suggestions you have. Are there other questions we can be answering? What are the barriers you have found to using these technologies? Are there sites or resources that you found very helpful that we don't have on the site yet? Please do let me know! Drop me an email, fill out our feedback form, ping me on one of the various social media... heck, leave a comment to this blog post! Somehow... I'd love to know what you think.
And with that, I'm off to write some content...
If you found this post interesting or useful, please consider either:
Here in the USA, this is something that many of us think about in these final days. It's a last chance we have to make tax-deductible donations that can then be used to potentially lower the taxes you pay to the US government when we go through all that fun over the next few months.
Now, there are admittedly a zillion great causes and organizations out there to whom you can give donations. Local organizations, global organizations, relief organizations, churches and religious groups, arts organizations, environmental groups, sports groups, school groups, cancer and other research organizations... so, so many...
In the midst of all that, I'd also encourage you to think about possibly making donations to organizations helping in the fight to maintain an "open Internet".
2012 promises to be a challenging year for the Internet... not just with the Stop Online Piracy Act (SOPA) and it's PROTECT-IP cousin here in the US... but with similar legislation cropping up all around the world. With various governments seeking to put restrictions on the Internet in their country. With upcoming global telecommunications treaties and discussions. With various industries who have been severely disrupted by the Internet. With large companies wanting to lock people in to specific platforms and systems. With... with... with... the list goes on and on...
The Internet has now become a critical communications medium with so many players out there now believing they should play a role.
We need to ensure that the Internet remains open for "permissionless innovation"... for access to the services and applications we want to use... for access to everyone all around the world...
And unfortunately, the powers that would like to close and restrict the openness of the Internet are also powers that have a ton of money and a ton of lobbyists, lawyers and more.
So if you are looking for a way to help make a difference in 2012, may I suggest please helping out some of the organizations that are out there fighting to keep the Internet open?
There are again, many such organizations fighting the good fight for the open Internet, and I'm sure all of them would welcome the contributions. If you aren't aware of any such organizations in your region, here are four I personally believe are doing valuable work:
And yes, I'm now a staff member for the Internet Society but I've been a donor to ISOC for several years prior to joining as a staff member in September. There are also many other groups helping in local areas throughout the world.
THE POINT IS TO DONATE TO SOME ORGANIZATION TO HELP KEEP THE INTERNET OPEN!
Or even more than one! If you're in the US, you have a little over 24 hours to make those final contributions.
We've got a wonderful resource in the open Internet we have today... let's keep it open!
P.S. The four organizations I list above are all 501(c)(3) nonprofit organizations under US tax law. If you are looking at other organizations you will want to just check to ensure that donations to them are in fact tax-deductible (if your point right now is donate for tax purposes).
P.P.S. There are, of course, many others working in complementary ways... the Electronic Privacy Information Center (EPIC) is doing great work on critical privacy issues. I love all that the Sunlight Foundation is doing for open government and there are so many more. All of them could use donations!
If you found this post interesting or useful, please consider either:
Here are the two steps ANY consumer can take to COMPLETELY bypass the DNS filtering proposed in SOPA:
On a Mac, go into System Preferences, then Network, select the network connection being used (typically "Wi-Fi" or "Ethernet") and then click on the "Advanced..." button in the lower right corner. On the resulting screen, click on the "DNS" tab to see a screen like this one:
On a Windows computer, go into the Control Panel and look for "Network and Sharing Center", find the adapter being used, right-click it and choose "Properties". Next click on "Internet Protocol Version 4 (TCP/IPv4)" (or IPv6 should you use that) and press the "Properties" button. Microsoft provides step-by-step instructions on their website for changing these properties.
On mobile devices, tablets, etc, the same kind of screen can generally be found in a "preferences" or "settings" area. Linux systems likewise may have a graphical control panel/settings area or may requiring editing of a file.
All someone has to do is search for "list of public DNS servers outside us" in Google or other search engines. They can look at the OpenNIC list of public DNS servers or any of a zillion other web pages.
Choose one or more DNS servers outside the United States and enter them into the computer's DNS settings.
Apply those settings and... ta da... the consumer is no longer subject to any DNS filtering that is proposed as part of SOPA. (Because they are no longer using DNS servers that are subject to US law.)
That's it!
Could the entertainment industry seriously be lobbying for a filtering solution that can be defeated so easily?
Yes, it is... and yes, they are.
YES! Pretty much everyone who knows anything about the Internet has explained to SOPA proponents that this proposed mechanism will not work.
White papers have been issued, statements have been received from organizations charged with cybersecurity, a group of 83 prominent Internet inventors and engineers sent a letter to Congress...
Good question. Ask them. Perhaps they think US consumers are too dumb to follow simple steps like these above. I don't know.
Beyond simply not working, consumer's bypassing normal DNS settings from their ISP can potentially make the Internet LESS secure because consumers could be using DNS servers set up my malicious entities (and then promoted to people looking for pirated content) who could then send people to sites that download malware, engage in phishing, etc.
This is just one more reason why SOPA should NOT become a law!
Please note that this blog post represents my personal opinion and has no connection whatsoever to any employers or other organizations, either past or present.
If you found this post interesting or useful, please consider either:
http://www.fcc.gov/live
The FCC's note about the workshops mentions that people watching live can send in questions to panelists using either of two methods:
9:30 a.m. – 9:40 a.m.
Welcome Remarks
by Zachary Katz, Chief Counsel and Senior Legal Advisor, Office of the Chairman, FCC
9:40 a.m. – 10:45 a.m.
Impact of the Transition on the Technology and Economics of the PSTN
Participants include: University of Colorado, Carnegie Mellon, George Washington University, Massachusetts Institute of Technology (MIT), Gillan Associates, SIP Forum
10:45 a.m. – 11:45 p.m.
Policies of the PSTN (e.g., accessibility, reliability, affordability, and public safety)
Participants include: Tufts University, Consumer Federation of America, University of Wisconsin, Neustar
1:00 p.m. – 2:10 p.m.
Implementing the Transition to New Networks
Participants include: Verizon, Comcast, Carnegie Mellon, National Telecommunications and Information Association (NTIA), XO Communications
2:10 p.m. – 3:20 p.m.
Syncing Expectations, Emerging Technologies and the Public Good
Participants include: Georgetown University, University of Michigan, University of Pennsylvania – Wharton, Acme Packet, Panasonic Systems Networks
3:20 p.m. – 4:30 p.m.
Economic Rationales for PSTN Transition
Participants include: Queens College, Indiana University, Syracuse
University, Sanford Bernstein, University of Auckland, NZ
If you found this post interesting or useful, please consider either:
Yesterday the Internet Society formally joined the opposition to the Stop Online Piracy Act (a.k.a. "SOPA" - background info available) with a statement from the Internet Society Board of Trustees:
http://isoc.org/wp/newsletter/?p=4932
The statement says in part:
The Internet Society Board of Trustees has expressed concern with a number of U.S. legislative proposals that would mandate DNS blocking and filtering by ISPs to protect the interests of copyright holders. While the Internet Society agrees that combating illicit online activity is an important public policy objective, these critical issues must be addressed in ways that do not undermine the viability of the Internet as a platform for innovation across all industries by compromising its global architecture. The Internet Society Board of Trustees does not believe that the Protect-IP Act (PIPA) and Stop Online Piracy Act (SOPA) are consistent with these basic principles.
Specifically, the Internet Society is concerned with provisions in both bills regarding Domain Name System (DNS) filtering. DNS filtering is often proposed as a way to block illegal content consumption by end users. Yet policies to mandate DNS filtering will be ineffective for that purpose and will interfere with cross-border data flows and services undermining innovation and social development across the globe.
The statement goes on in further detail to outline the organization's concerns.
The opposition of the Internet Society to SOPA is not a surprise given that the organization issued a white paper on the perils of DNS Filtering back in the spring of 2011 in response to the U.S. Senate's version of the bill, the Protect-IP Act (a.k.a. "PIPA"). Still, a formal statement of opposition is very welcome to add to the many other voices indicating that SOPA and PIPA specify the wrong solutions to the problem.
Great to see!
[Full Disclosure: I am employed by the Internet Society but NOT in the public policy section and so all opinions expressed here are entirely my own and do not necessarily represent the views of the organization.]
If you found this post interesting or useful, please consider either:
IPv6, DNSSEC, RPKI, etc.: What’s the Holdup and How Can We Help?You’re busy. We get it. This industry moves fast and you’ve got your hands full keeping your networks updated and secure from the threat of the day. But why is it taking so long to deploy IPv6, DNSSEC, and other standards coming out of the IETF? These standards are the future of the Internet, but deployment to date has been slow.
He'll be outlining the new ISOC project of which I am a part that aims to help speed up the deployment of these standards - and asking for feedback and help. I will be there along with another team member, Megan Kruse, to talk with folks about the project and interact with people involved with IPv6, DNSSEC and other technologies.
It's been a good number of years since I last attended a USENIX conference but I'm very much looking forward to getting back with the crowd. Looks like some excellent technical talks so I'm looking forward to learning a good bit.
If you are down at LISA, please do feel free to drop me a note - or find me on Twitter. I expect I'll be tweeting out of the event and probably posting some thoughts and comments.
If you found this post interesting or useful, please consider either:
I thought we’d have to wait 20-25 years before a critical mass of people would defend the net. But SOPA has brought that day a lot closer. SOPA galvanized the tech community, from start-ups to venture capitalists to the largest web companies. SOPA was an unexpected shock and a wake-up call. Well, guess what? Now the internet is awake. And I don’t think it’s going back to sleep any time soon. We might need to rally again in the near future, but we can do that. The internet learns fast.
Stresses the need to protect the integrity of the global internet and freedom of communication by refraining from unilateral measures to revoke IP addresses or domain names;
All in all a much better situation than was the case two weeks ago...
Image credit: jasonippolito on Flickr
Please note that this blog post represents my personal opinion and has no connection whatsoever to any employers or other organizations, either past or present.
If you found this post interesting or useful, please consider either:
I covered the basics of SOPA (HR.3261) and its companion bill in the Senate, S.968, the "PROTECT-IP Act", last week and and in the time since I wrote that post the public opposition to SOPA has mounted dramatically as people have come to understand what exactly these bills will do. Like many, I applaud the intent of these bills to protect intellectual property, but am concerned that the mandated mechanism of "DNS filtering" proposed by these bills will have serious negative consequences.
If you want to understand the technical issues with the proposed mechanism, there are three whitepapers I would recommend for reading - and for sharing with your legislators. (I've sent the links in to my representatives.) I'd note that the first two documents were prepared back in the spring of 2011 to address the U.S. Senate's version, the PROTECT-IP Act, but the mechanism proposed in SOPA is essentially the same.
In this easy-to-read paper, the Internet Society explains why DNS filtering is not a solution, how the mechanism can be easily circumvented and how it will "not solve the problem, interfere with cross-border data flows and services, and undermine the Internet as a single, unified, global communications network." The document discusses the issues of "collateral damage" of website blockage, explains some of the non-technical issues and provides links to further resources.
This whitepaper was written by 5 of the leading DNS designers, operators and researchers and dives into significant technical depth. In particular, it looks at how the proposed DNS filtering mechanism would break the implementation of DNSSEC, a newer method being deployed to help secure the DNS infrastructure. The paper, too, addresses how easily DNS filtering can be bypassed (and provides very simple examples demonstrating this) and the security issues that come with that circumvention. It also looks at the "collateral damage" issue, the impact to content delivery networks (CDNs) and the overall impact that DNS filtering would have to the Internet.
This recent paper from Allan A. Friedman, a Fellow at the Brookings Institution, frames the SOPA/PROTECT-IP debate in terms of the impact to national cybersecurity. It again covers the issues with DNS filtering, impacts to DNSSEC, unintended consequences, etc., but does so from the point-of-view of how this will affect the cybersecurity position of the U.S., both domestically and at an international level.
All three of these papers are good to read (and share) to understand the technical weaknesses of the proposed solutions in SOPA/PROTECT-IP.
Please do pass them along so that people can understand the technical issues with these proposed solutions.
Image credit: jasonippolito on Flickr
Please note that this blog post represents my personal opinion and has no connection whatsoever to any employers or other organizations, either past or present.
If you found this post interesting or useful, please consider either:
If you have a website, you need to be paying attention...
If you own a domain name, you need to be paying attention...
Backed by the traditional media industries (and all their lobbying $$$) the U.S. Senate and House are considering legislation that would seriously break the Internet as we know it. Rather than the DMCA "takedown notices" that have been used to date, these new bills would require ISPs to disable access to websites.
Basically it would give corporations the ability to manipulate (through ISPs) the DNS system to block access to content that they feel is objectionable or violates their copyrights, etc.
I think we all can generally agree that stopping online piracy and illegal activities is a good goal. As well as being a consumer of online content, I am also a creator of online content, and sure, I don't want my content pirated and mis-used by others...
but a "simple" technical solution is NOT the answer!
On a purely technical point-of-view, the Internet Society has issued a DNS Filtering White Paper on why this type of filtering is not a solution to combating illegal activities... and the danger such filtering has to the fabric of the Internet and to users themselves.
In the US Senate, the bill is S.968, the "Preventing Real Online Threats to Economic Creativity and Theft of Intellectual Property Act of 2011 (PROTECT IP)" Act (also known as "PIPA") while over in the house it was first known as the "E-PARASITE bill (the Enforcing and Protecting American Rights Against Sites Intent on Theft and Exploitation Act)" and now has been introduced as H.3261, the "Stop Online Piracy Act (SOPA)".
There has been a great amount of online content generated around this issue. Some of the articles I found useful include:
PopVox has an interesting comparison of the organizations supporting and opposing S.968 and HR.3261. Look at the "Organizations Supporting" and "Organizations Opposing" tabs, although I believe there are more opposing orgs than simply those listed... still, it gives a view of the players involved.
The battle is going on right now with one of the latest updates being that tech industry reps were denied a seat at next week's House hearings and that now the 4 presenters to the committee will all be pro-SOPA entities.
Please... take a moment to read these links above... read even more... educate yourself on what the issues are - and let your opinion be known to your representatives in the U.S. House and Senate. Please spread the word online, too, as we who are users of the Internet need to let our voices be heard...
Image credit: jasonippolito on Flickr
UPDATE #1: Alex Howard has a great collection of SOPA/PIPA-related links, including a video of Senator Ron Wyden (the senator currently putting a "hold" on the PROTECT IP bill in the Senate).
UPDATE #2: While I began this post "If you are a U.S. citizen", Neville Hobson correctly pointed out that those outside the U.S. need to be concerned, too, as this type of government intervention in the Internet by the US government, if successful, will certainly spread to other governments. Plus, any issues affecting DNS will naturally have impacts outside the USA.
Please note that this blog post represents my personal opinion and has no connection whatsoever to any employers or other organizations, either past or present.
If you found this post interesting or useful, please consider either:
Please note that neither the Internet Society nor VOIPSA have any connection to this weblog and any opinions stated here are entirely Dan's.
