Well @chrysn@chaos.social, I really appreciate your good intentions and will to fight for users' #privacy.
But I was not talking about you or the few independent developers who still volunteer at #IETF these days.
I was talking about IETF effects on the Internet standards as a whole.
I'm afraid the impact of a few independent engineers is not going to balance the power of organized and well funded #BigTech lobbyists.

As an example, let's stay on topic and look at RFC 9001, "Using #TLS to Secure #QUIC".
All that is said about the impoved ability of the server to identify (and thus track) the user are in two lines about session resumption (emphasys mine):

Session resumption allows servers to link activity on the original connection with the resumed connection, which might be a privacy issue for clients. Clients can choose not to enable resumption to avoid creating this correlation.

Now please notice the #hypocrisy: the wording is set up as if clients should opt-in, but it's pretty unlikely that users will be given a choice between a personal data leak at protocol level and an imperceptible increase in connection time, in particular with 0-RTT where " Endpoints cannot selectively disregard information that might alter the sending or processing of 0-RTT".

So while I'm pretty curious about @bagder@mastodon.social's perspective, I see that #Google managed to get a protocol designed to thwart user privacy and reduce its own server costs (even just the energy consumed during TLS hadshakes, amount to thousands dollars each day).

This way, if EU would decide to forbid tracking cookies at all, Google would get a competitive advantage over all other #AdsTech companies.

Now a properly working IETF would have rejected such shit, knowing that it would have been leveraged against people (and democracies) though #Chrome browsers and #Android defaults.

CC: @daniel@gultsch.social @lorenzo@snac.bobadin.icu

@giacomo @daniel @lorenzo I did not review that particular spec, but for those I do, I'd raise hell before publication as #IETF if such problems were unaddressed, and know many other reviewers who would do the same.

@daniel@gultsch.social

#QUIC (and #HTTP3) exists to serve the interests and needs of #Google.

In particular 0-RTT is basically a low-level cookie that allows deterministic user tracking below and before #http: if it will ever spread, disabling or deleting cookies, even out-lawing them, won't be a issue for #SurveillanceCapitalism.

So these days what happens at #IETF is much more lobbying than engineering. Overpaid engineers lobby against the users to further cement the power of their corporations.

I wouldn't call these as "improvements".

These days, sadly, IETF is the place where the fundamental fabric of the internet is constantly being ^^enshittified**.

@lorenzo@snac.bobadin.icu

@daniel@gultsch.social

#QUIC (and #HTTP3) exists to serve the interests and needs of #Google.

In particular 0-RTT is basically a low-level cookie that allows deterministic user tracking below and before #http: if it will ever spread, disabling or deleting cookies, even out-lawing them, won't be a issue for #SurveillanceCapitalism.

So these days what happens at #IETF is much more lobbying than engineering. Overpaid engineers lobby against the users to further cement the power of their corporations.

I wouldn't call these as "improvements".

These days, sadly, IETF is the place where the fundamental fabric of the internet is constantly being ^^enshittified**.

@lorenzo@snac.bobadin.icu

#IETF124 was, of course, great, but I also enjoyed Montreal a lot.
My flight home is only this afternoon so I went for a walk to grab some bagels and check out Habitat 67.

#Montreal #IETF #Habitat67

We conclude #IETF week with a new release of Cascade, 0.1.0-alpha4 'Mont-Royal'.

@terts has taken on the brunt of the work, with quality-of-life improvements that make our #DNSSEC signer easier to use and understand.

As always, we appreciate your continued testing and feedback. We're well on our way to our first production release in the first half of 2026.

#IETF124 #DNS #OpenSource #rustlang

https://github.com/NLnetLabs/cascade/releases/tag/v0.1.0-alpha4

This isn't related to my work, but personally I'm a bit obsessed with space-related topics, so I really enjoyed the presentation on the challenges of streaming Netflix over Starlink.

#IETF #IETF124 #SpaceX #Starlink

Day 2 of the Hackathon went great. Marvin ( @larma) helped me implement an opt-in feature in #Conversations_im which routes all P2P sessions (calls and files transfers) via the users home server (similar to the feature found in Signal).

I went on a nice walk to a viewpoint on Mount Royal afterwards.

Now looking forward to Day 1 of #IETF124.

#XMPP #IETF #Jabber

Day 2 of the Hackathon went great. Marvin ( @larma) helped me implement an opt-in feature in #Conversations_im which routes all P2P sessions (calls and files transfers) via the users home server (similar to the feature found in Signal).

I went on a nice walk to a viewpoint on Mount Royal afterwards.

Now looking forward to Day 1 of #IETF124.

#XMPP #IETF #Jabber

I’m looking forward to being in Montreal for #IETF124 in a couple of hours (a 2 hour drive from my house in Vermont). A fun personal fact… the very *first* #IETF meeting I attended in-person was IETF 66… *19 years ago* … in Montreal!

At that time in 2006 I was focused on voice-over-IP and various elements of the SIP protocol, and various elements of VoIP security. Many IETF meetings later, my focus is different, but still looking to help make the Internet work better!

https://www.ietf.org/proceedings/66/

@Mer__edith @datum

Somebody please #timewarp me to 1999-01-06 and invent an #IETF #standard #protocol for federated #instantMessaging 🙂

Btw. my local internet club, founded in 1995, does host both #Jabber and Matrix now. No #hyperscaler involved. No #selfHosting needed.

#RFC6120 #community

🆕 blog! “Alpha launch - .well-known/avatar - feedback wanted”

I've gotten sufficiently annoyed with a trivial problem that I'm preparing to write an IETF RFC. Yeah. That's how ticked off I am!

Every site that I sign up for asks me to upload an avatar to represent myself. Whenever I change my photo, I have to log in to a hundred sites and change it…

👀 Read more: https://shkspr.mobi/blog/2025/10/alpha-launch-well-known-avatar-feedback-wanted/
⸻
#IETF #ReDeCentralize #standards #web

If you’re in #Montreal for the #IETF meeting @evan is running an #ActivityInThePub at Vieux Dublin on November the 2nd
@kini will be there from #FediHost fielding questions about devops and cheese if you’re lucky!

https://mobilisons.ch/events/bc5f8878-1d6f-4e13-be1c-3a5863a468ea

🆕 blog! “Alpha launch - .well-known/avatar - feedback wanted”

I've gotten sufficiently annoyed with a trivial problem that I'm preparing to write an IETF RFC. Yeah. That's how ticked off I am!

Every site that I sign up for asks me to upload an avatar to represent myself. Whenever I change my photo, I have to log in to a hundred sites and change it…

👀 Read more: https://shkspr.mobi/blog/2025/10/alpha-launch-well-known-avatar-feedback-wanted/
⸻
#IETF #ReDeCentralize #standards #web

If you’re in #Montreal for the #IETF meeting @evan is running an #ActivityInThePub at Vieux Dublin on November the 2nd
@kini will be there from #FediHost fielding questions about devops and cheese if you’re lucky!

https://mobilisons.ch/events/bc5f8878-1d6f-4e13-be1c-3a5863a468ea

@timpritlove @derbruesseler Die #IETF WG, wenn sie denn zustande kommt, wird aber auch nur Teile des Stacks standardisieren. Man wird nicht durch lesen der RFCs ein BlueSky kompatibles Netzwerk bauen können.

This... seems very interesting

#Bluesky is "...standardizing parts of #ATProtocol in an effort to establish long-term governance for the protocol."

"to establish long-term governance for the protocol"

Here: https://docs.bsky.app/blog/taking-at-to-ietf

Also see at #Github:

"Add patent pledge link to README (# 4246)"

"Bluesky Social PBC has committed to a software patent non-aggression pledge. For details see [the original announcement] (https://bsky.social/about/blog/10-01-2025-patent-pledge)."

Here: https://github.com/bluesky-social/atproto/commit/d239f0bcf5e7ed391c8ced32e13aaa4c1324a757

All that said, not sure exactly what it *means* long-term, but it is... interesting

#AT #IETF #Patents

#IETF Pecha-Kucha (funny talk) of Barbara Jantzen at the last meeting, about #DNSSEC. Next time you have a DNSSEC issue, watch the video. https://www.youtube.com/watch?v=7mQ5x7Jpj4I

(For my French-speaking followers: good level of englsh required.)