Rough Guide to IETF 98: Encryption Thumbnail
‹ Back
Building Trust 24 March 2017

Rough Guide to IETF 98: Encryption

Karen O'Donoghue
By Karen O'DonoghueDirector, Internet Trust and Technology

IETF 98 in Chicago next week seems to be relatively quiet from an encryption perspective compared to some past meetings. However, this could be viewed as an indication of the progress that has been made in recent years as the IETF community has focused heavily on enabling encryption across protocols and updating the cryptographic algorithms being used in those protocols. There is not a great deal of activity specific to encryption in Chicago, and the work represented here this week is quite mature.

Some evidence of the continuing evolution in the encryption space is the IETF 98 Hackathon. There are two separate hackathon efforts being planned to work on implementation and testing improvements for both DTLS and TLS. If you are in Chicago for the weekend, stop by to check on the progress and offer a helping hand. It is a great way to learn more about both DTLS and TLS and to contribute your talents to advancing the implementations. Details on the agenda and all the various projects for the IETF 98 Hackathon are available on the wiki for the event (

After a weekend spent deep in the actual code, you are now ready to work on the specification! The Transport Layer Security (TLS) working group is busy preparing a significant update to the current version of TLS. Three years, nineteen versions, and 127 pages later, the proposed specification is in Working Group Last Call (WGLC). ( The WGLC is scheduled to end on 27 March – just in time to discuss any issues raised during the working group review during the meeting here at IETF 98. Also on the agenda for the TLS working group is a companion update to DTLS ( With the time remaining, the TLS working group will discuss a DANE record and DNSSEC authentication change extension for TLS, certificate compression, and delegated credentials. The TLS working group is one of the most active and productive in the IETF and well worth your time.

The next working group that will meet is the Using TLS in Applications (UTA) working group. The working group has finished a number of pieces of work, and this week will be focused on drafts related to Strict Transport Security (STS) for mail (SMTP) transfer agents and mail user agents.

The last working group I’d like to mention is the CURves, Deprecating and a Little more Encryption (curdle) working group. This group was chartered to add and update the cryptographic mechanisms to some IETF protocols. Since the last IETF, the curdle working group has published two RFCs. The first is RFC 8080 “Edwards-Curve Digital Security Algorithm (EdDSA) for DNSSEC” (, and the second one is RFC 8103 “Using ChaCha20-Poly1305 Authenticated Encryption in the Cryptographic Message Syntax (CMS)” ( For next week’s meeting, the curdle working group will focus on a number of drafts addressing cryptographic aspects of PKIX (Public-Key Infrastructure (X.509)), CMS (Cryptographic Message Syntax), and SSH (Secure Shell).

Finally, normally a regular session at IETF meetings, the Crypto Forum Research Group is not meeting this week, deciding instead to meet at Eurocrypt 2017 in Paris on 30 April 2017. There is still time to register for the meeting for those who are interested.

Relevant Working Groups at IETF 98:

TLS (Transport Layer Security)
Tuesday, 28 March, 0900-1130, Zurich E/F

UTA (Using TLS in Applications)
Tuesday, 28 March, 1450-1620, Zurich G

CURDLE (CURves, Deprecating and a Little more Encryption)
Monday, 27 March, 1710-1810, Montreaux 3

Follow Us

There’s a lot going on in Chicago, and whether you plan to be there or join remotely, there’s much to monitor. To follow along as we dole out this series of Rough Guide to IETF blog posts, follow us on the Internet Technology Matters blog, Twitter, Facebook, Google+, via RSS, or see

‹ Back

Disclaimer: Viewpoints expressed in this post are those of the author and may or may not reflect official Internet Society positions.

Related articles

Building Trust 21 February 2020

NDSS 2020: The Best in Security Research – For the Good of the Internet

On 23 February, the 27th consecutive Network and Distributed System Security Symposium (NDSS) kicks off in San Diego, CA....

Building Trust 11 February 2020

Every Day Should Be Safer Internet Day

Safer Internet Day is an opportunity for people and organizations around the world to join forces in a series...

Building Trust 28 January 2020

This Data Privacy Day It’s the Little Things That Count

Today we’re celebrating Data Privacy Day, which is all about empowering people and organizations to respect privacy, safeguard data,...

Join the conversation with Internet Society members around the world