Building Trust 17 July 2015

Rough Guide to IETF 93: Strengthening the Internet

Strengthening the Internet and encryption continue to be active areas for the IETF community. The news stories related to encryption just seem to keep coming. Now some governments are even considering requiring key escrow or banning encryption outright. The stakes continue to rise in this discussion. In this section of the Rough Guide, we will focus on CrypTech, the IAB Privacy and Security program, the Crypto Forum Research Group, and a few relevant IETF working groups meeting at IETF 93 in Prague next week.

First, CrypTech (website: https://cryptech.is; wiki: https://trac.cryptech.is/wiki; mailing list: https://wiki.cryptech.is/wiki/MailingLists) is a project to create an open hardware cryptographic engine developed in a transparent manner. While this project is technically outside the scope of the IETF, it was originally started with the support of IETF and IAB leadership. CrypTech is making excellent technical progress, but it needs to establish more robust and stable funding.

At IETF 93, there will be several opportunities to learn more about the CrypTech project and to get involved. First, there will be a hands-on workshop on Saturday, 18 July, to learn more about the current state of the project. A detailed agenda is available here: https://trac.cryptech.is/wiki/PrahaWorkshop. CrypTech will also be an agenda item in the saag and cfrg meetings mentioned below. This is an interesting project with great potential and many opportunities to participate and contribute.

Moving on, the Internet Architecture Board (IAB, www.iab.org), through its Privacy and Security Program (https://www.iab.org/activities/programs/privacy-and-security-program/), is continuing to work on the topic of confidentiality. A document on “Confidentiality in the Face of Pervasive Surveillance: A Threat Model and Problem Statement” (https://tools.ietf.org/html/draft-iab-privsec-confidentiality-threat-07) has been approved and is in the final steps of publication. The program is now working on a mitigations draft entitled “Confidentiality in the Face of Pervasive Surveillance” (https://tools.ietf.org/html/draft-iab-privsec-confidentiality-mitigations-02). Now is an excellent time to find some of the program participants and discuss this document with the authors.

While this is not an IETF 93 activity, the IAB is also working with the GSMA to plan a workshop on Managing Radio Networks in an Encrypted World (MaRNEW, https://www.iab.org/activities/workshops/marnew/). There is still time to put together position papers if you feel you have something to contribute in this space. The workshop is planned for 24-25 September in Atlanta, GA, and there should be interesting results to review in time for IETF 94.

Next, the Internet Research Task Force (IRTF) Crypto Forum Research Group (cfrg, https://irtf.org/cfrg) continues to focus on the use of cryptography for IETF protocols. It has been focusing extensively on the selection of new elliptic curves for use in IETF protocols, and rough consensus on this topic is documented in “Elliptic Curves for Security” (https://tools.ietf.org/html/draft-irtf-cfrg-curves-02). Hot topics at the meeting this week will include PAKE schemes, extended hash-based signatures, and elliptic curve signatures. Anyone interested in the future direction of cryptographic curves and algorithms would be well served to follow these discussions.

There are also a number of IETF working groups progressing efforts related to strengthening the Internet that will be meeting this week. In this post I will focus on tls and uta. Other working groups also working on strengthening the Internet are discussed in the “DNSSEC, DANE, DPRIVE, and DNS Security” and the soon-to-come “Trust, Identity, and Privacy” Rough Guide posts.

The Transport Layer Security (tls) working group is actively working on an update to the TLS protocol (https://tools.ietf.org/html/draft-ietf-tls-tls13-07). This is a very active working group with a mailing list that is not for the faint of heart. There will be two sessions and a total of 4.5 hours of meeting time devoted to progressing the agenda. Topics for IETF 93 include known configuration mechanisms, 0-RTT, PSK and resumption, client authentication, and cipher suites among others.

Since the last IETF meeting, the Using TLS in Applications (uta) working group has published two RFCs: RFC 7525, “Recommendations for Secure Use of Transport Layer Security (TLS) and Datagram Transport Layer Security (DTLS)” (https://tools.ietf.org/html/rfc7525), and RFC 7590, “Use of Transport Layer Security (TLS) in the Extensible Messaging and Presence Protocol (XMPP)” (https://tools.ietf.org/html/rfc7590). This meeting will focus on enhanced email privacy and TLS/DTLS security modules.

Finally, I’d like to give a quick plug for the Security Area Advisory Group (saag) session. This is an excellent way to get a quick view of some of the security-related conversations ongoing in the IETF. This week’s session will include CrypTech along with the state of transport security in email and HTTP. All in all, there is much to see and do in the world of Strengthening the Internet for IETF 93.

Related Meetings, Working Groups, and BoFs at IETF 93:

cfrg (Crypto Forum Research Group)
Wednesday, 22 July 2015, 1300-1530, Athens/Barcelona
Agenda: https://tools.ietf.org/agenda/93/agenda-93-cfrg.html
Charter: https://irtf.org/cfrg

tls (Transport Layer Security) WG
Tuesday, 21 July 2015, 1520-1720, Congress Hall III
Wednesday, 22 July 2015, 0900-1130, Grand Ballroom
Agenda: https://tools.ietf.org/wg/tls/agenda
Documents: https://tools.ietf.org/wg/tls
Charter: https://tools.ietf.org/wg/tls/charters

uta (Using TLS in Applications) WG
Tuesday, 21 July 2015, 1740-1840, Congress Hall III
Agenda: https://tools.ietf.org/wg/uta/agenda
Documents: https://tools.ietf.org/wg/uta
Charter: https://tools.ietf.org/wg/uta/charter

saag (Security Area Advisory Group)
Thursday, 23 July 2015, 1300-1500, Congress Hall II
Agenda: https://tools.ietf.org/agenda/93/agenda-93-saag.html

Follow Us

There’s a lot going on in Prague, and whether you plan to be there or join remotely, there’s much to monitor. To follow along as we dole out this series of Rough Guide to IETF blog posts, follow us on the Internet Technology Matters blog, Twitter, Facebook, Google+, via RSS, or see http://cfdev2.internetsociety.org/rough-guide-ietf93.


Disclaimer: Viewpoints expressed in this post are those of the author and may or may not reflect official Internet Society positions.
