#ripe84 — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #ripe84, aggregated by home.social.
-
#ipv6
#avm
#ripe84
https://stadt-bremerhaven.de/fritzos-7-90-geht-mit-neuen-funktionen-in-den-test/
https://www.ripe.net/community/wg/active-wg/ipv6/minutes/ipv6-working-group-minutes-ripe-84/
https://ripe84.ripe.net/wp-content/uploads/presentations/59-ripe84_ipv6wg_vpn_rotating_prefixes.pdfChange log:
Internet: Übertragung von IPv6-Daten über einen Wireguard VPN-Tunnel
Verbesserung Zufällige Berechnung der Unique Local Address (ULA, IPv6) nach RFC 4193
Verbesserung Kommunikation zu allen AVM-Diensten über IPv6 mit Fallback auf IPv4 -
-
Et pour bien finir le #RIPE84, une notification du RIPE que deux participant·es ont signalé qu'ils avaient été testés positifs au retour :-(
-
And that's the end of #RIPE84 for me. Back at home, gonna relax and recover from a week of socializing. Saw more people this week than I did in the last two years.
-
Cool, cool, cool. Time to make a report about a CoC violation. Way to end the meeting.
-
-
-
Technical report on #RIPE84 : we had two 10 G/s uplinks (Deutsche Telecom), typically 120 Mb/s used (a maximum at 721 M/s, 600 being IPv6).
45 WiFi access points.
-
-
The test: setting up a HTTPS site, asking a certificate and revoking it. Then, running a paid ad on it and see how many clients connect.
Answer: around 80 % of clients happily accept the revoked certificate.
-
Now, Geoff Huston tests certificate revocation. In March, many russian certificates were revoked by CAs, as sanctions. Did it work?
Spoiler: no. Revocation does not work.
-
Beim RIPE84-Treffen gab es viel Anerkennung dafür, wie Netzwerker in der Ukraine ihr Netz behüten. Ein großer Vorteil ist die ausgeprägte Dezentralität.
Weitgehend stabil: Ausgeprägte Dezentralität schützt das Internet in der Ukraine -
About the "Insufficient identity data for matching" slide, I'm thinking that the mess of online identities (and the country-specific variations) is the last protection we have for our personal data in the EU.
(As usual, Estonia, the digital paradise, is the worst, privacy-wise.)
-
The european directive NIS2 may force this ID checking by domain name registries. #RIPE84
-
#eIDAS checking is now implemented in the (free software) registry #FRED https://fred.nic.cz/
-
The Web site of the project (checking domain name registrants with #eIDAS) https://regeid.eu/
-
The speaker criticizes Germany for being the only country in the EU choosing the most privacy-protecting provisions of #eIDAS, complicating the sevice.
May be the Germans have some historical experience about the risk of identity controls?
-
@SchtroumfGrognon Faut pas venir à #RIPE84 alors :-)
-
In the EU, 71 to 87 % #DNS queries go through the same AS (probably the ISP resolver). 4 to 26 % (depending on the exact way you measure) go through Google. As you can see, the actual answer varies a lot depending on the design of the experiment. (Big difference enterprise networks vs. consumer)
-
-
Remote presenter, remote questioner in the #DNS Working Group session. Room is still pretty full with onsite attendees. Nice setup!
-
If you examine your network traffic, #DoQ runs by default over port 853 (like DNS over DTLS, which nobody ever used).
-
-
Now, Ignas Bagdonas benchmarks #BGPsec performance. On his lab setup, it is awfully slow.
Interesting explanations about software optimisation. BGPsec uses SHA-2 (hard for memory, cool for the CPU) and ECDSA (the opposite): do them in parallel (but the BGPsec format of data does not make it easy).
