Stories about: IETF

Australian Geoff Huston is one of the foremost authorities on Internet routing and scaling issues. We sent Huston, a former Chief Scientist, Telstra Internet, a few questions about the U.S. government's plan to bolster R&D to secure the Internet's core routing protocol, the Border Gateway Protocol (BGP). Here are excerpts of from what Huston had to say:

Internet security gurus and leading vendors are urging the US federal government to rapidly deploy security and authentication mechanisms at the top level of the DNS hierarchy, which is known as the root zone.

Years of in-fighting over the DNSSEC standard have left Internet users unnecessarily exposed to malware.

Spoofers, spammers and phishers, beware. There's a new gun in town, and some of the Internet's most powerful companies -- including Yahoo, Google, PayPal and AOL -- are brandishing it in the ongoing battle against e-mail fraud.

The late Internet pioneer Jon Postel (1943-1998), among others, developed the Simple Mail Transfer Protocol (SMTP) in 1982 that is still used today for Internet mail communications. But I'm sure Postel would be turning over in his grave if he could see the abuse that his protocol is subject to today.

Olaf Kolkman, a Dutch DNS expert, is the new chair of the Internet Architecture Board, a panel of 13 leading network engineers who provide technical oversight to the IETF, the Internet's premier standards-setting body. He's also CEO of NLnet Labs, an Amsterdam research group focused on DNS security.

A few years ago, I had the privilege of seeing some root DNS servers in action at VeriSign's main headquarters. It's something I had wanted to do for over a decade, and I was literally slightly shaking with excitement (yes, I am that big of a geek).

Last February at Purdue University, a student taking "cs390s - Secure Computing" told his professor, Dr. Pascal Meunier, that a Web application he used for his physics class seemed to contain a serious vulnerability that made the app highly insecure. Such a discovery didn't surprise Meunier. "It's a secure computing class; naturally students want to discover vulnerabilities."

Network access control stands out as one of the most promising security technologies, but it also is one of the most misunderstood. Here are explanations that may clarify some of your questions.

Network access control stands out as one of the most promising security technologies, but it also is one of the most misunderstood. That's in part because vendors want in on the NAC buzz and are clamoring for attention, despite selling products that are only peripheral. This raises problems for companies that want to consider NAC but don't have a solid sense of what it is, what it might do for them and what kind of investment it requires.