Internet Society’s Rough Guide to IETF 78’s Hot Topics
IETF 78 in Maastricht, Netherlands is rapidly approaching (25-30 July). Newcomers’ training and technical tutorials take place on Sunday (25 July), with the working group, BoF, and plenary sessions happening during the week.
Once again the Internet Society has provided a rough guide to the sessions most relevant to our current work. See below.
We have turned our attention to the following broad categories:
- Common and Open Internet
- Global Addressing
- Security and Stability
- Trust and Identity
Of course, with more than 100 working groups, there are many other important technologies under discussion. So for full details of the IETF 78 agenda, see:
(All times below are local Central European Summer Time, UTC+1)
Common and Open Internet
As P2P and VoIP technologies become more prevalent, and network usage patterns sometimes deviate from their architects’ expectations, managing bandwidth to allow best use for customers becomes an increasingly important topic.
conex (Congestion Exposure) WG
The purpose of the CONEX working group is to develop a mechanism by which senders inform the network about the congestion encountered by previous packets on the same flow. Today, the network may signal congestion by ECN markings or by dropping packets, and the receiver passes this information back to the sender in transport-layer acknowledgements. The mechanism to be developed by the CONEX WG will enable the sender to also relay the congestion information back into the network in-band at the IP layer, such that the total level of congestion is visible to all IP devices along the path, from where it could, for example, be provided as input to traffic management.
Interest: Advancing development and deployment of the conex mechanism to allow for more sophisticated, scalable, end-to-end congestion management.
Full charter: http://datatracker.ietf.org/wg/conex/charter/
(27 July, 09:00 – 11:30)
decade (Decoupled Application Data Enroute) WG
Peer-to-Peer (P2P) applications, including both P2P streaming and P2P file-sharing applications, make up a large fraction of traffic in the Internet today. One way to reduce access network and/or cross-domain bandwidth usage by P2P applications is to introduce storage capabilities in the network between hosts running P2P applications. Allowing P2P applications to store and retrieve data from inside the network can reduce traffic on the last-mile uplink, as well as backbone and transit links.
Interest: Content-centric networking is an important emerging networking paradigm; decade may have more general applicability than just P2P.
(27 July, 1300-1500)
homegate (Broadband Home Gateway) BoF
The basic hypothesis of this (proposed) working group is that a well-organized collection of requirements for support of various features would make it more likely that future home gateway devices behave better in certain existing problematic situations.
Interest: If the potential overlaps with other SDOs can be clarified, this is potentially important work to improve the ability to deploy new end-to-end technology on the Internet in future.
Draft charter: http://trac.tools.ietf.org/area/tsv/trac/wiki/HOMEGATE#PROPOSEDCHARTER-PLEASEREVIEWUPDATE
Agenda: Not available
(28 July, 0900-1015)
urnbis (Uniform Resource Names, Revised) BoF
The purpose of this BoF is to review the Uniform Resource Name (URN) specifications, and determine what needs to be done to update and possibly extend them.
Interest: URNs have typically been largely of interest to the library and information system communities. It is infrastructure technology for applications on the Internet.
(27 July, 0900-1130)
precis (Preparation and Comparison of Internationalized Strings) WG
The goal of this group is to assess whether a new method based on the new IDN-based approach to string preparation (IDNA2008) is the appropriate path forward for existing stringprep protocols as well as for other application protocols requiring internationalized strings.
(29 July, 0900-1130)
Global Addressing
There is steadily increasing momentum to deploy IPv6 as the IPv4 address pool approaches depletion. While much work is ongoing to support interoperability in coexisting IPv4 and IPv6 network environments, there are also interesting developments in emerging IPv6 environments.
intarea (Internet Area)
The Internet Area Working Group (INTAREA WG) acts primarily as a forum for discussing far-ranging topics that affect the entire area. Such topics include, for instance, address space issues, basic IP layer functionality, and architectural questions. The group also serves as a forum to distribute information about ongoing activities in the area, create a shared understanding of the challenges and goals for the area, and to enable coordination.
Interest: Advancing draft-ietf-intarea-shared-addressing-issues to WG Last Call.
(26 July, 17:40 – 19:40)
Security and Stability
Securing the DNS and greater assurance in routing is critical for the ongoing expansion and evolution of the Internet in all areas of our societies and economies.
karp (Keying and Authentication for Routing Protocols) WG
Many routing protocol deployments, if they use authentication at all, are using older (possibly deprecated) cryptographic algorithms and missing some modern security mechanisms, like replay protection, algorithm agility, or key rollover. In addition, many use the same key permanently. This needs to be fixed. Additionally, key management for routing protocols needs to be added to easily address the terminated-employee problem of compromised shared secrets. Such key management needs to work over multicast media, and needs to work directly over the link layer in some cases (since routing depends upon it).
This recently chartered working group will address a package of framework documents drawn from the work of the original BOF participants.
(23 March, 09:00-11:30)
sidr (Secure Inter-Domain Routing) WG
The SIDR WG is focused on securing inter-domain routing. The approach being developed is Resource PKI (RPKI). RPKI adds an authentication framework to BGP. It is going to require a certificate management infrastructure, and models that accommodate infrastructure are on the agenda. Additional agenda topics include: key rollover, removing TLS from the provisioning protocol, revisions to the Trust Anchor format, algorithm migration, and certification policies. This is a key technology for improving trust in the routing infrastructure.
The full charter is available at: http://tools.ietf.org/wg/sidr/charters
Interest: Improving security in the routing infrastructure is a key component to developing a platform for improved confidence in the network, and building out more robust and secure networks.
(28 July, 1300-1530)
saag (Security Area Open Meeting)
Internet Draft: draft-saintandre-tls-server-id-check-08
Representation and Verification of Domain-Based Application Service Identity in Certificates Used with Transport Layer Security
This document specifies best current practices for representing and verifying the identity of application services enabling a secure connection between two entities using certificates in the context of Transport Layer Security (TLS).
Interest: Much of the Trust and Identity related work includes the use of certificates. This is a much needed baseline document.
The draft will be reviewed in the agenda: http://tools.ietf.org/wg/saag/agenda
(29 July, 1300-1500)
Trust and Identity
As public concerns increase about security of infrastructure, privacy, trust, and identity on the Internet, these themes recur in several working group discussions.
httpstate (HTTP State Management Mechanism) WG
The HTTPSTATE WG is canonically specifying how cookies are actually used in existing HTTP implementations and deployments, thus obsoleting RFC 2109 and updating RFC 2965.
Interest: Improved usability and interoperability for developers along with increased predictability for end users.
(26 July, 17:40-19:40)
The FedAuth effort is an outgrowth of the informal Project Moonshot bar BOF held in Anaheim at IETF 77 (http://www.project-moonshot.org/). Group participants are interested in federated authentication beyond the web. The work is driven by users and organizations that would like to gain federated access to other applications such as IMAP, XMPP, SSH, NFS and a variety of non-IETF protocols. Inputs come from both the security and applications area as well as from external bodies such as JANET, Internet2, and the SAML community.
Interest: The work extends the model used in federated identity management to interactions below the web and has value for both network trust and user managed identity.
Proposed Charter: http://www.project-moonshot.org/bof/charter
(27 July, 0900-1130)
The focus here is HTTP Application Security Minus Authentication and Transport. The goal of this working group is to standardize a small number of selected specifications that have proven to improve security of Internet Web applications. The requirements guiding the work will be taken from the Web application and Web security communities. The proposed work is fairly narrow and the work has good support already.
Interest: This work has a direct bearing on end-user experiences on the web and will improve trust.
(27 July, 1300-1500)
oauth (Open Authentication Protocol) WG
OAuth allows a user to grant a third-party Web site or application access to their resources, without necessarily revealing their credentials, or even their identity. The OAuth working group is heavily focused on the development of the OAuth Version 2.0 specification. The agenda of this meeting is focused exclusively on the OAuth Version 2.0 specification and updating the charter to reflect the focus of the working group. In addition, there was an interim meeting in May to progress the OAuth Version 2.0 effort.
Full charter: http://tools.ietf.org/wg/oauth/charters
Current OAuth Version 2.0 Draft: http://datatracker.ietf.org/doc/draft-ietf-oauth-v2/
(27 July, 1520-1700)
Internet Draft: draft-hansen-privacy-terminology-00
Terminology for Talking about Privacy by Data Minimization: Anonymity, Unlinkability, Undetectability, Unobservability, Pseudonymity, and Identity Management
This document won’t be presented in sessions, but it should help inform active privacy discussions in multiple working groups and on the IETF list.