IETF Working Groups. https://datatracker.ietf.org/wg/ 127 Working Groups in:

Similar documents
Encryption Everywhere

The IETF. Open Standards for an Open Internet. Olaf M. Kolkman. I speak about and not for the IETF. Saturday, April 13, 13

Pervasive Monitoring. June /16

Russ Housley 21 June 2015

Internet Governance and Internet Standardization in the Post-Snowden Era. Alissa Cooper IETF Chair / Cisco Fellow November 2017

Help Keep the Internet Strong and Open

Internet Engineering Task Force Newcomers Overview. March 2018

ITU Forum Bridging the ICT standardization & development gap. The Internet Engineering Task Force (IETF) and Internet Standardisation

Africa IETF initiative: The Role for NRENs

IETF Participation Experiences and Contributions

What s Happening at the IETF & IRTF? Human Rights Protocol Considerations and how to get involved

P2PSIP, ICE, and RTCWeb

RID IETF Draft Update

AMS Monthly Management Report to the IETF Q Table of Contents

Third public workshop of the Amsterdam Group and CODECS C-ITS Deployment in Europe: Common Security and Certificate Policy

Technical Overview. Version March 2018 Author: Vittorio Bertola

The IETF. Open Standards for an Open Internet. Eliot Lear Andrew Sullivan. Benoit Claise. Olaf M. Kolkman. IETF Leadership present

Introduction to the DANE Protocol And Updates From IETF 88

The IETF. or Where do all those RFCs come from, anyway? Steven M. Bellovin

Operators and the Internet Engineering Task Force (IETF)

This is a sample chapter of WebRTC: APIs and RTCWEB Protocols of the HTML5 Real-Time Web by Alan B. Johnston and Daniel C. Burnett.

NFS Version 4 Security Update

Expertise that goes beyond experience.

Open Standards for an Open Internet

Privacy in the Internet Engineering Task Force. Alissa Cooper

Keying & Authentication for Routing Protocols (KARP) draft-lebovitz-kmart-roadmap-03

DNS Privacy - Implementation and Deployment Status

Lightweight DTLS Implementation in CoAP-based IoT

Internet Engineering Task Force (IETF) Category: Standards Track. M. Petit-Huguenin Impedance Mismatch November 2013

Internet based IoT connectivity Technologies

Call for submissions by the UN Special Rapporteur on Freedom of Expression

Internet Research Task Force (IRTF) Request for Comments: 7418 Category: Informational December 2014 ISSN:

WLAN Security Overview

Security Baseline Data Model for Network Infrastructure Device draft-xia-sacm-nid-dp-security-baseline-00 draft-dong-sacm-nid-cp-security-baseline-00

LIPPU-API: Security Considerations

AMS Monthly Management Report to the IETF Q Table of Contents

Creating the IETF IDWG Intrusion Detection Protocols IDMEF & IDXP

Symantec Security Monitoring Services

GLOSSARY. Advanced Encryption Standard. Cisco Adaptive Security Appliance. Business-to-business. Binary Floor Control Protocol.

Security and Compliance at Mavenlink

Group Leader Quickstart Guide. Original photo by Trey Ratcliff

Software Updates for Internet of Things (SUIT) WG. IETF 101, Monday, March 19, 2018 Chairs: Dave Thaler David Waltermire Russ Housley

Department of Computer Science. Burapha University 6 SIP (I)

Data Security and Privacy at Handshake

Features and benefits Easy group communications is an important part of operational communications because incidents can occur anywhere, anytime. Resp

October 4, 2000 Expires in six months. SMTP Service Extension for Secure SMTP over TLS. Status of this Memo

Protocol Architecture (2) Suguru Yamaguchi Nara Institute of Science and Technology Department of Information Science

5G Security. Jason Boswell. Drew Morin. Chris White. Head of Security, IT, and Cloud Ericsson North America

CITEL s s Focus on Cybersecurity and Critical Infrastructure Protection CITEL

Cybersecurity Standards Coordination and Deployment Strategies: CITEL Initiatives

Internet Engineering Task Force (IETF) Request for Comments: 8516 Category: Standards Track January 2019 ISSN:

Experience Security, Risk, and Governance

building an effective action plan for the Department of Homeland Security

RTCWEB Working Group. Media Security: A chat about RTP, SRTP, Security Descriptions, DTLS-SRTP, EKT, the past and the future

Version LTI Integration for Web Conferencing User's Guide

Constrained Application Protocol (CoAP) Vilen Looga, M.Sc. Doctoral

Routing Area Open Meeting IETF 97 Seoul. Alia Atlas Deborah Brungard Alvaro Retana

DNS Privacy Clients. Stubby, Mobile apps and beyond! dnsprivacy.org

Inland Revenue. Build Pack. Identity and Access Services. Date: 04/09/2017 Version: 1.5 IN CONFIDENCE

IETF 90. TorontO, ON, CANADA Fairmont Royal York July 20 - July25, Version 01 Updated :17 EDT

Lecture 13 Page 1. Lecture 13 Page 3

Shim6: Network Operator Concerns. Jason Schiller Senior Internet Network Engineer IP Core Infrastructure Engineering UUNET / MCI

TAPS-related topics from the NEAT project. Naeem Khademi (NEAT project) TAPS WG - IETF 97 Seoul- South Korea 16 November 2016

What we did last OARC. Keith Mitchell DNS-OARC RIPE77 DNS WG Amsterdam, Oct 2018

How to get a trustworthy DNS Privacy enabling recursive resolver

IBM SmartCloud Engage Security

IETF Activities Update

Latest work in the IETF for SDN and NFV

WG Leadership Tutorial. IETF 92: Dallas, TX March 22, 2015 Margaret Wasserman

Identity as a Platform Service

CSTD Working Group on improvements to the IGF Summary of the 3 rd meeting

IoT Roadmap in the IETF. Ines Robles

Web Security Model and Applications

MLS BOF. Chair Slides: Nick & Sean IETF 101. Messaging Layer Security

KARP KMP-Using IKEv2 with TCP-AO

Reflections on Security Options for the Real-time Transport Protocol Framework. Colin Perkins

Constrained Application Protocol (CoAP) Vilen Looga, M.Sc. Doctoral

A New Internet? RIPE76 - Marseille May Jordi Palet

Network Requirements

Services: Monitoring and Logging. 9/16/2018 IST346: Info Tech Management & Administration 1

Internet Engineering Task Force (IETF) Request for Comments: 7435 Category: Informational December 2014 ISSN:

RID IETF Draft Update

Transport Layer Security

TIBCO Cloud Integration Security Overview

Overview! Automated Certificate Management (ACME) Protocol! IP-NNI Task Force! Mary Barnes - iconectiv!

Using EAP-TLS with TLS 1.3 draft-mattsson-eap-tls IETF 101, EMU, MAR John Mattsson, MOHIT sethi

IETF 103. Chairs: Flemming Andreasen Bo Burman

Session initiation protocol & TLS

Internet Engineering Task Force (IETF) Category: Standards Track. A. Langley Google Inc. E. Stephan Orange July 2014

Lecture 12 Page 1. Lecture 12 Page 3

Our Work at The Internet Society

Internet Engineering Task Force (IETF) ISSN: November 2015

Delegated Authenticated Authorization Framework (DCAF)

IDC FutureScape: Worldwide Security Products and Services 2017 Predictions

Smart Gas Grids. Manuel Sánchez, Ph.D. Team Leader Smart Grids Directorate General for Energy European Commission

Category: Best Current Practice February Early IANA Allocation of Standards Track Code Points

Internet Engineering Task Force (IETF) Request for Comments: Google Inc. October 2018

Data Sheet Instant Connect Mobile Client When your business is on the line, Instant Connect is here for your most critical communications needs. Welco

IETF/W3C/etc De-facto STD Overview (in My Case)

HEALTH INFORMATION INFRASTRUCTURE PROJECT: PROGRESS REPORT

Transcription:

IETF Working Groups https://datatracker.ietf.org/wg/ 127 Working Groups in: Applications Transport Internet Operations and Management Real-time Applications and Infrastructure Routing Security tcpinc, tcpm, rmcat tls, jose, oauth, dane ccamp, pwe3, pim ospf, isis, mpls, pce, idr httpbis,scim, websec, json, weirds homenet, trill, lisp, dhc, 6lowpan, sunset4, ntp clue, codec, dime, dnsop, dispatch, rtcweb, ipfix, vipr, xmpp, payload opsec 1

Mission of the IETF Make the Internet work better by producing high quality, relevant technical documents that influence the way people design, use, and manage the Internet. RFC3935 2

Ethos of the IETF Open standards process Everyone is invited to participate at all levels Our primary venue is email All working and published documents are freely available online One Internet Open standards for a global Internet Maximum interoperability and scalability Avoid specialized protocols in different places Contributions are judged on technical merits: rough consensus and running code, RFC7282 3

IETF Security Active/Recent Working Groups Crypto TLS Transport Layer Security IPsec IP Security PKIX Public Key Infrastructure (X.509) JOSE JavaScript Object Signing and Encryption DANE DNS-based Authentication of Named Entities UTA Using TLS in Applications Authentication and Authorization Oauth Open Authentication AbFab Application Bridging for Federated Access Beyond Web Kitten Common Authentication Technology Next Generation HTTPAuth HTTP Authentication ACE Authentication and Authorization for Constrained Environments SCIM System for Cross-Domain Identity Management (one of many security related WGs in other IETF areas) 4

IETF Security Active/Recent Working Groups Security Automation and Incident Response SACM Security Automation and Continuous Monitoring MILE Managed Incident Lightweight Exchange NEA Network Endpoint Assessment Routing and Application SIDR Secure Inter- Domain Routing KARP Keying and Authentication for Routing Protocols WebSec Web Security 5

IETF Security Internet of Things ACE Authentication and Authorization for Constrained Environments https://datatracker.ietf.org/wg/ace/charter/ DICE DTLS In Constrained Environments https://datatracker.ietf.org/wg/dice/charter/ CORE Constrained RESTful Environments https://datatracker.ietf.org/wg/core/charter/ LWIG Light-Weight Implementation Guidance https://datatracker.ietf.org/wg/lwig/charter/ 6

New IETF Work Related to Pervasive Monitoring (PM) Pervasive Monitoring Is an Attack RFC7258/BCP188 published after major IETF LC debate sets the basis for further actions https://www.rfc-editor.org/rfc/rfc7258.txt BCP says to consider PM in IETF work Existing-RFC privacy/pm review team formed Opportunistic security (OS) Provides a way to get much easier deployment for some intermediate level of security Fallback to unauthenticated encrypted sessions instead of plaintext https://datatracker.ietf.org/doc/draft-dukhovniopportunistic-security/ 7

IETF Work related to PM and Opportunistic Security Using TLS is Applications (UTA WG) Update existing RFCs on how to use TLS in applications and mandate implementation of non-pfs ciphersuites Generic BCP for TLS ciphersuites TLS 1.3 (TLS WG) TLS 1.3 being developed aiming for better handshake performance and encryption properties And learning from our history of previous TLS problems HTTP/2.0 (HTTPBIS WG) Major deployment model: HTTP over TLS Significant debate: concept of http: URIs being accessed via TLS (altsvc), with no browser indication that crypto is happening Debate on requiring server auth TCP Increased Security (TCPInc) Provide TLS functionality within TCP Support Opportunistic security with a way to hook in authentication DNS Privacy Reducing exposure of sensitive names found in DNS https://datatracker.ietf.org/doc/draft-bortzmeyer-dnsop-dns-privacy/ 8

Emerging Work Areas End-to-end Security for email Multiple solutions, early days, will involve much debate with emerging solutions Many problems to solve Network Security as a Service (NSaaS) Assess policies as a tenant to a service provider, automated 9

How Can I help? Participate in the volunteer-driven IETF working groups Join working group mailing list, for example: MILE@ietf.org Participate in an existing thread, or start a thread on any questions based on review of an existing draft, or propose work related to MILE IETF-wide meetings are held three times a year, participation can be in person or remotely Review background information on working groups, including implementation information: List of working groups: https://datatracker.ietf.org/wg/ Contribute to open source code implementing standards Provide feedback on code and associated RFCs and drafts Join the Privacy/PM Review team: ietf-privacy@ietf.org Or submit a ticket with your review information: https://trac.tools.ietf.org/group/ppm-legacy-review/wiki 10

Internet Society Fellowships to the Internet Engineering Task Force (IETF) https://www.internetsociety.org/fellowships ISOC Fellowships support participation in IETF meetings by technical professionals, advanced IT students, and other qualified individuals from emerging economies who would otherwise be unable to attend. With an open, competitive application process, the programme selects Fellows from around the world to attend in-person IETF meetings, provides a guided introduction to the IETF, and pairs Fellows with experienced mentors. Photo Stonehouse Photographic /Internet Society More than 200 Fellows since 2006 have helped build a diverse, global community of participants active in Internet protocol development. Pictured: Internet Society Fellows to the IETF at the 83rd IETF meeting held in Paris, France on 25-30 March 2012 The Internet Society provides funding and programmatic support for Fellows.

Internet Society Policy Programme to the Internet Engineering Task Force (IETF) https://www.internetsociety.org/ietfpolicyprogramme Pictured: Internet Society Public Policy Guests at the 83rd IETF meeting held in Paris, France on 25-30 March 2012 Photo Stonehouse Photographic Internet Society The ISOC Policy Programme to the IETF provides policymakers and regulators first-hand experience with and insight into the Internet technical community and IETF standards setting processes. The programme identifies current and emerging Internet policy leaders from countries around the world, supporting their attendance at IETF in-person meetings including conversations with IETF leadership and deep dives into specific issues of interest with technical experts. More than 92 Policy guests since 2012 have participated in the programme, strengthening the shared understanding of the interplay of technical and policy aspects of the Internet. The Internet Society provides funding and programmatic support for the policy guest programme.

Thank You Kathleen Moriarty Stephen Farrell Security Area Directors

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback