Donate
Rough Guide to IETF 99: A Sampling of Encryption-Related Activities Thumbnail
‹ Back
Encryption 17 July 2017

Rough Guide to IETF 99: A Sampling of Encryption-Related Activities

Karen O'Donoghue
By Karen O'DonoghueResearch Analyst

Encryption is once again a hot topic, and there’s much to discuss at IETF 99 this week in Prague. This time the hottest action will definitely be in the Transport Layer Security (TLS) working group. TLS is considering everything from privacy implications for TLS1.3 to how to reduce handshake latency. As mentioned in previous Rough Guide blogs on the topic, the working group is busy on the completion of the TLS 1.3 specification. It has completed working group last call, and the working group is addressing the comments received during that process. Draft 21 was released on 3 July in anticipation of this week’s discussion. (https://datatracker.ietf.org/doc/draft-ietf-tls-tls13/)

In addition to the TLS 1.3 effort, the TLS working group has kicked off on an update to the Datagram Layer Transport Security (DTLS) Protocol (DTLS 1.3) (https://datatracker.ietf.org/doc/draft-ietf-tls-dtls13/) and has a number of additional drafts on the agenda. In particular, based on the mailing list traffic, there will be an active discussion about a draft (https://datatracker.ietf.org/doc/draft-green-tls-static-dh-in-tls13/). This document proposes a mechanism to address the challenges associated with supporting enterprise requirements in the presence of TLS 1.3. It is a controversial draft and many have indicated that it should not be discussed in the IETF. In addition to the technical merits of the proposal, the implication of RFC 2804 (https://www.rfc-editor.org/info/rfc2804) on this draft will be discussed. A second session on Monday has been added specifically to provide enough time for all the TLS topics.

The next topic of interest for encryption is the Crypto Forum Research Group (cfrg). Always a popular session at IETF, this week the CFRG will discuss six different drafts, including Re-keying Mechanisms for Symmetric Keys (https://datatracker.ietf.org/doc/draft-irtf-cfrg-re-keying), Verifiable Random Functions (https://tools.ietf.org/html/draft-goldbe-vrf-01), Collective Edwards-Curve Digital Signature Algorithm (https://datatracker.ietf.org/doc/draft-ford-cfrg-cosi), The Transition from Classical to Post-Quantum Cryptography (https://tools.ietf.org/html/draft-hoffman-c2pq-01), Hash-Based Signatures ( https://datatracker.ietf.org/doc/draft-mcgrew-hash-sigs), and Kangaroo Twelve (https://tools.ietf.org/html/draft-viguier-kangarootwelve-00).

Three of the working groups focused on updating crypto algorithms and using TLS in IETF protocols are meeting at IETF 99. The CURves, Deprecating and a Little more Encryption (curdle) working group was chartered to add and update the cryptographic mechanisms to some IETF protocols. It will have a very short meeting to discuss key exchange method updates and recommendations for Secure Shell (SSH). There will also be some discussion about potential future work for the curdle working group.

The DKIM Crypto Update (dcrup) working group is just getting started. It will be focused on updating the cryptographic aspecs of RFC 6376 (https://www.rfc-editor.org/info/rfc6376). The new working group has a short agenda this meeting, but given the recent popularity of conversations around cryptography, this may well expand to fill available time. Drafts under discussion include Cryptographic Update to DKIM (draft-ietf-dcrup-dkim-crypto), Cryptographic Algorithm and Key Usage Update to DKIM (draft-ietf-dcrup-dkim-usage), and Defining Elliptic Curve Cryptography Algorithms for use with DKIM (draft-ietf-dcrup-dkim-ecc). Hot topics include key hashes and key sizes.

The final working group discussed in this blog is the Using TLS in Applications (UTA) working group. The uta working group has finished a number of pieces of work, and this week will be focused on a draft related to Strict Transport Security (STS) for mail (SMTP) transfer agents and mail user agents. It will also discuss a draft on the use of TLS to provide confidentiality of email.

All in all, there is plenty to keep the encryption enthusiasts engaged here at IETF 99.

Relevant Working Groups at IETF 99

tls – Transport Layer Security
Monday, 17 July 2017, 1330-1530, Congress Hall I
Wednesday, 19 July 2017, 930-1200, Grand Hilton Ballroom
Agenda: https://www.ietf.org/proceedings/99/agenda/agenda-99-tls-01.txt
Charter: https://datatracker.ietf.org/wg/tls/about/

cfrg – Crypto Forum Research Group
Tuesday, 18 July 2017, 15:50-1750, Congress Hall I
Agenda: https://datatracker.ietf.org/meeting/99/agenda/cfrg/
Charter: https://irtf.org/cfrg

curdle – CURves, Deprecating and a Little more Encryption
Monday, 17 July 2017, 1130-1200, Congress Hall III
Agenda: https://datatracker.ietf.org/meeting/99/agenda/curdle/
Draft: https://datatracker.ietf.org/doc/draft-ietf-curdle-ssh-kex-sha2/

dcrup – DKIM Crypto Update
Thursday, 20 July 2017, 1100-1130, Berlin/Brussels
Agenda: https://datatracker.ietf.org/meeting/99/agenda/dcrup/
Charter: https://datatracker.ietf.org/wg/dcrup/about/

uta – Using TLS in Applications
Thursday, 20 July 2017, 1810-1910, Berlin/Brussels
Agenda: https://datatracker.ietf.org/meeting/99/agenda/uta/
Charter: https://datatracker.ietf.org/wg/uta/about/

Follow Us

There’s a lot going on in Prague, and whether you plan to be there or join remotely, there’s much to monitor. To follow along as we dole out this series of Rough Guide to IETF blog posts, follow us on the Internet Technology Matters blog, Twitter, Facebook, Google+, via RSS, or see http://www.internetsociety.org/rough-guide-ietf99.

‹ Back

Related articles

Rough Guide to IETF 100: Identity, Privacy, and Encryption
Rough Guide to IETF 100: Identity, Privacy, and Encryption
IETF10 November 2017

Rough Guide to IETF 100: Identity, Privacy, and Encryption

Identity, privacy, and encryption continue to be active topics for the Internet Society and the IETF community impacting a broad...

Rough Guide to IETF 98: Encryption
Rough Guide to IETF 98: Encryption
Encryption24 March 2017

Rough Guide to IETF 98: Encryption

IETF 98 in Chicago next week seems to be relatively quiet from an encryption perspective compared to some past meetings....

Rough Guide to IETF 101: Privacy, Identity, and Encryption
Rough Guide to IETF 101: Privacy, Identity, and Encryption
Encryption16 March 2018

Rough Guide to IETF 101: Privacy, Identity, and Encryption

It’s that time again! In this post of the Rough Guide to IETF 101, I’ll take a quick look at...

Join the conversation with Internet Society members around the world