Internet security continues to receive much attention both in the media and within the Internet Engineering Task Force (IETF) and similar organizations that develop technical solutions and standards. Last September, someone managed to break into a trusted Certification Authority's system and subsequently produced numerous fake digital certificates, files that comprise part of the architecture for what is generally referred to as "browser security." In our first article, Geoff Huston describes what happened, the implications of this form of attack on the security of web-based services on the Internet, and what can be done to prevent similar attacks in the future.
In our second article, Richard Barnes describes the work of the DNS-based Authentication of Named Entities (DANE) working group in the IETF and explains how DANE, when deployed, can help prevent the sort of attack that is described in our first article.
This year I am celebrating 25 years in Internet technical publishing. Prior to launching The Internet Protocol Journal (IPJ), I was the editor of ConneXions—The Interoperability Report, published from 1987 until 1997 by Interop Company. With the generous support of The Charles Babbage Institute at the University of Minnesota, ConneXions, which was a paper-only publication, has been scanned and made available online. To mark the 25 combined years of ConneXions and IPJ, we asked Geoff Huston to examine the state of computer communications 25 years ago and give us his thoughts on where we have been and where we might be going in this rapidly developing technology landscape.
Please remember to check your subscription expiration date and take the necessary steps if you wish to continue receiving this journal. You will need your subscription ID and the e-mail address you used when you subscribed in order to access your record and renew online. Visit the IPJ website at www.cisco.com/ipj and click on the "Subscriber Services" link to get to the login page. The system will send you a URL that allows direct access to your record. If you no longer have access to the e-mail you used when you subscribed or you have forgotten your subscription ID, just send a message to firstname.lastname@example.org and we will make the necessary changes for you.
—Ole J. Jacobsen, email@example.com