Donate
Rough Guide to IETF 91: Strengthening the Internet (STRINT) Activities Continue Thumbnail
‹ Back
IETF 6 November 2014

Rough Guide to IETF 91: Strengthening the Internet (STRINT) Activities Continue

Karen O'Donoghue
By Karen O'DonoghueResearch Analyst

The daily news stories and revelations related to pervasive Internet monitoring have slowed in recent months, but the work to strengthen the Internet (STRINT) continues within the Internet community. Now is an excellent time to take a quick look at some of the STRINT-related activities that are being discussed next week at IETF 91 in Honolulu.

First, the Internet Architecture Board (IAB), has established a Privacy and Security Program with three areas of focus: Resilience, Confidentiality, and Trust. While all of these contribute to general strengthening of the Internet, the confidentiality area in particular is actively working on a threat model and problem statement document: “Confidentiality in the Face of Pervasive Surveillance: A Threat Model and Problem Statement.” Additional details about this program will be presented at the IAB Technical Plenary on Monday evening (1850-1750 in Coral 3).

The Security Area Advisory Group (saag) has been discussing terminology over the last several months. This discussion has evolved into a draft with the fabulous title: “Opportunistic Security: Some Protection Most of the Time.” This draft is out for a second IETF Last Call which is scheduled to end on 18 November. Now is an excellent time to review the discussions on the saag and ietf mailing list archives and use the opportunity of the Honolulu face to face time to catch the key protagonists in the hallway to ask those burning questions.

The tls (Transport Layer Security) working group is actively working on an update to the TLS protocol. They just finished a two-day interim meeting in October, and they plan another pre-IETF interim meeting on Sunday (9 November 2014, 9:30 – 13:30) ahead of their regular session on Thursday. For those of you with extra space in your Inbox, this is just the working group for you. (https://www.ietf.org/mail-archive/web/tls/current/maillist.html)

Several additional working groups are taking a second look at how encryption is used within their protocols. While highlighting each one here is a bit too detailed, keep an eye out for those discussions in the individual working group meetings. One that does deserve mention is the relatively new uta (Using TLS in Applications) working group that is specifically tasked with looking at the use of TLS in applications.

The Crypto Forum Research Group is not actually meeting in person during IETF91, but the discussion related to choosing cryptographic curves has been quite active on the mailing list (https://www.ietf.org/mail-archive/web/cfrg/current/maillist.html). A successful open transparent multi-stakeholder (and yes I know those words sometimes seem overused these days, but…) process to establish consensus on cryptographic curves going forward is a key component to strengthening the Internet.

I mentioned this during my comments for IETF90, and while I see there hasn’t been much activity, I’d still like to put in a plug for it because volunteers are badly needed. There is an effort to review existing RFCs for privacy and pervasive monitoring issues. This is an excellent way to read some of those old RFCs that you never got around to. The wiki for that activity is at https://trac.tools.ietf.org/group/ppm-legacy-review/.

Finally, while this isn’t exactly an IETF activity, I’d like to mention that the CrypTech project is making excellent progress in developing an open hardware cryptographic engine. This effort could eventually provide a set of open source cryptographic building blocks along with a trustworthy set of tools to be used to build more secure Internet products. Join the public mailing lists to follow progress.

Related Meetings, Working Groups, and BOFs at IETF 90:

tls (Transport Layer Security) WG
Thursday, 13 Nov 2014, 900-1130, Coral 5
Agenda: https://tools.ietf.org/wg/tls/agenda
Documents: https://tools.ietf.org/wg/tls
Charter: https://tools.ietf.org/wg/tls/charters

uta (Using TLS in Applications) WG
Tuesday, 11 Nov 2014, 900-1130, Coral 2
Agenda: https://tools.ietf.org/wg/uta/agenda
Documents: https://tools.ietf.org/wg/uta
Charter: https://tools.ietf.org/wg/uta/charter

Follow Us

There’s a lot going on next week, and whether you plan to be there or join remotely, there’s much to follow. To follow along as we dole out this series of Rough Guide to IETF blog posts, follow us on the Internet Technology Matters blog, Twitter, Facebook, Google+, via RSS, or see http://www.internetsociety.org/rough-guide-ietf91.

‹ Back

Disclaimer: Viewpoints expressed in this post are those of the author and may or may not reflect official Internet Society positions.

Related articles

Rough Guide to IETF 90: Strengthening the Internet
Rough Guide to IETF 90: Strengthening the Internet
Building Trust21 July 2014

Rough Guide to IETF 90: Strengthening the Internet

The pervasive monitoring revelations over the past year have galvanized the Internet technical community around the topic of Strengthening the...

Rough Guide to IETF 92: Strengthening the Internet
Rough Guide to IETF 92: Strengthening the Internet
Improving Technical Security20 March 2015

Rough Guide to IETF 92: Strengthening the Internet

One of our primary strategic objectives for 2015 is work related to strengthening the Internet. News continues to come in...

Rough Guide to IETF 94: Strengthening the Internet
Rough Guide to IETF 94: Strengthening the Internet
IETF29 October 2015

Rough Guide to IETF 94: Strengthening the Internet

The ongoing efforts of the Internet community to strengthen the Internet continue with IETF 94 in Yokohama next week. Even...

Join the conversation with Internet Society members around the world