Donate

Improving Technical Security

Global infrastructure is required so that Internet endpoints without a prior relationship can communicate in a trusted and secure way. Unmediated connections are a hallmark of the Internet. Technologies such as encryption infrastructure, time security, and identity and authentication functions comprise the necessary infrastructure. It is this shared connectivity and trust infrastructure that enables a trustworthy and secure Internet for everyone, so it is where we will focus our efforts in 2019.

To that end, the Mutually Agreed Norms for Routing Security (MANRS) campaign, successful in 2018, continues in 2019. MANRS has historically focused on measuring companies’ and organizations’ commitments to take action. This theme will continue in 2019 with a goal of doubling the number of MANRS members by the end of the year. We will also engage the community in discussions with the aim of establishing a governance model that supports a sustainable MANRS community, so that the project does not need further incubation.

Beyond strengthening the community, the deployment of the MANRS Observatory in 2019 will permit something more dramatic: the ability to note how many routing leaks happen on the Internet, whether there is a downwards trend in such failures, and whether the efforts of MANRS (and other routing security efforts such as route signing) appear to make any difference. For the first time, we will be able to report to the Internet community about the outcomes of MANRS. This will allow a mid-year decision on where MANRS will go next: whether there are new norms to embrace, or indeed whether MANRS can be effective at all.

Beyond MANRS, we will work within various communities to create the technical and policy building blocks that allow trust infrastructure to be developed, promoted, and implemented. We will continue to support developments that are needed for confidential end-to-end communication. We will examine the deployment issues surrounding network time synchronization security mechanisms. At the beginning of 2019, we will undertake an effort to identify and report the hurdles in standardization, usability, software availability, and operationalization, and to identify next steps; the report will be complete and published by the end of the year. More generally, we will develop a methodology for identifying how certain trust technologies can be deployed effectively, and test the methodology’s utility in improving those technologies.

As ever, Internet Society staff will contribute to the development of best practices or technical standards resulting in standards that are secure and deployable in global setting. We will assess potential deployment issues in the deployment of new standards such as Transport Layer Security (TLS) 1.3, and Domain Name System (DNS) over TLS and HTTPS. To reach communities such as network operators, we will use the proven Deploy360 Programme channels to report on these issues and to drive deployment of these and other trust technologies.

In addition, we continue to advocate for the importance of security and trust in the components and operations that make up the Internet’s infrastructure. The adoption and implementation of industry and community-wide norms of behavior that protect the public core, including in the international security community, is an important objective in that context. Not only will we continue to advocate strongly that trust in the Internet’s infrastructure is an important foundation for the Internet itself to be secure and trustworthy, but we will continue to seek technical and policy levers that affect the ecosystem positively.

Technical Security News

Routing Security – Getting Better, But No Reason to Rest!
Routing Security – Getting Better, But No Reason to Rest! Thumbnail
Improving Technical Security 5 February 2019

Routing Security – Getting Better, But No Reason to Rest!

Editor’s note: This is an abridged version of a post that was first published on MANRS.org. Read the full...

Call for Participation – ICANN DNSSEC Workshop at ICANN64 in Kobe, Japan
Call for Participation – ICANN DNSSEC Workshop at ICANN64 in Kobe, Japan Thumbnail
Improving Technical Security 29 January 2019

Call for Participation – ICANN DNSSEC Workshop at ICANN64 in Kobe, Japan

Will you be at the ICANN 64 meeting in March 2019 in Kobe, Japan? If so (or if you...

Internet Society Delhi Chapter and CCAOI Organize Webinar on India’s Draft Intermediary Rules
Internet Society Delhi Chapter and CCAOI Organize Webinar on India’s Draft Intermediary Rules Thumbnail
Improving Technical Security 17 January 2019

Internet Society Delhi Chapter and CCAOI Organize Webinar on India’s Draft Intermediary Rules

On 10 January, the Internet Society Delhi Chapter and CCAOI jointly organised an interactive webinar on the draft Information Technology [Intermediary Guidelines...

Update on Latin America and Caribbean Workshop for Chapter Leaders
Update on Latin America and Caribbean Workshop for Chapter Leaders Thumbnail
Improving Technical Security 15 January 2019

Update on Latin America and Caribbean Workshop for Chapter Leaders

In July 2018, the Internet Society’s Latin America and Caribbean Bureau held another edition of the Workshop for Chapter Leaders....

NAT64Check Version 2 is launched!
NAT64Check Version 2 is launched! Thumbnail
Improving Technical Security 1 January 2019

NAT64Check Version 2 is launched!

With the New Year comes the launch of NAT64Check version 2 from the Internet Society. The first version of...

DNS-over-TLS in Linux (systemd)
DNS-over-TLS in Linux (systemd) Thumbnail
Improving Technical Security 28 December 2018

DNS-over-TLS in Linux (systemd)

Whilst we were putting together some content about DNS privacy recently, we learned that recent distributions of Linux ship...

Load More