• Open Standards Everywhere for Enhancing Availability and Security

    by  • June 26, 2020 • Blog, Training

    Blog post prepared on 7th June 2020 by Ammar HADI, a participant in the Internet Society Training Course “Open Standards Everywhere“. Ammar is Iraqi and based in Iraq, but has studied in the UK and therefore submitted his application to join the course through the UK Chapter. He is one of three people from the Chapter (exceptionally) to have followed this course and he will be able to apply its teachings in his home country, where he now resides.
    The UK Chapter is glad to have been able to promote better security to the Internet where it is needed.
    — ISOC UK England Leadership Team

    The mission of Internet Society: Internet Society (ISOC) has an extremely respectful mission that includes supporting the development of the Internet to all people in the world regardless of their colour, gender and background. ISOC is the focal point for the cooperative efforts to promote the Internet as a beneficial tool. It is interesting to know that the membership of ISOC is free and it offers many opportunities for its members such as training, fellowships, and grants for attending events.

    Action Plan 2020: ISOC believes that the Internet is for everyone. To achieve this, ISOC initiated action plan 2020 for promoting reliable information related to the Internet. In this plan, ISOC continues to work towards supporting Mutually Agreed Norms for Routing Security (MANRS) initiative. Recently, the threats across the Internet such as spoofing, hijacking and leaks could have a big negative impact in our daily life. MANRS has attracted much attention since its ability to reduce these threats. In other words, the MANRS initiative makes the global routing infrastructure more robust and secure. In the meantime, ISOC dedicates one of the projects in the action plan 2020 for the open standards everywhere topic.

    Open standards everywhere: Nowadays, a major challenge of web service administrators is how to keep their services connected, fast and secure. For achieving this goal, web administrators should update their web servers and websites with the latest versions of Internet standards. ISOC took the role to make these standards available on every website and web server including ISOC’s websites.
    The main target of open standards everywhere is to explain the tools by which everyone would be able to enhance the performance of websites which needs cooperation with the web server. This can be achieved by developing globally connected features with IPv6 and HTTP2 standards. Furthermore, it can be done by making the connection faster and more secure with adopting TLS and DNSSEC standards. It is worth mentioning that all these standards are developed by the Internet Engineering Task Force (IETF).

    Now, the standards are discussed briefly:

    IPv6 (Internet Protocol version 6): IPv6 is considered to be the next generation of the Internet protocol (IP). IPv6 was designed for providing a larger address space than that of its IPv4 counterpart. Besides, the security is improved by using IPv6 as it adopts more rigid authentication methods.

    HTTP2 (Hypertext Transfer Protocol 2): HTTP2 was established in 2015 to increase the speed of page load in web browsers since it reduces the latency and makes the connection between servers and the clients more efficient as well.

    TLS (Transport Layer Security): This standard is responsible for the encryption of the connection between web servers and web browsers. It protects web applications from some kinds of cyber attacks. Fortunately, it is available and can be easily activated.

    DNSSEC (Domain Name System Security Extension): From its name, DNSSEC provides a secure way for getting the required information from DNS servers. This standard gives a strength authentication in DNS using a digital signature.

    Examining websites: For any website, internet.nl offers a direct test to examine the existence of these vital standards that are mentioned above. According to the resulting report of the test, any administrator can make positive changes to the website. The ISOC chapters utilised the skills to enhance the performance of the chapters’ websites. For example, the score of UK England chapter has been increased from 50% to 55%. Moreover, HTTP2 can be examined by http2.pro. The documentation for the training is available here for anyone who is interested and wants to get further information.

    Future vision: The goal of ISOC is to increase the security and availability of web servers across the Internet by the end of 2020. Meanwhile, ISOC intends to expand the web server documentation for HTTP3 when it moves out into deployment. Additionally, there are some ideas to demonstrate the standards that are related to other servers such as DNS server, mail server and time server.

    Personal Impact: I have participated in the open standards everywhere, special thanks to the UK England chapter for facilitating my participation. From this training, I picked up the required tools to make the websites more secure and more accessible. My work in the Iraqi ministry of communication allows me to recognise the various cyber threats and the technical limitations of the network. Therefore, this training inspired me to promote open standards among Iraqi web administrators.

    About