Hannes Tschofenig

Personal blog about various IETF and Internet related activities

Aug 15

Earlier this year I presented some performance results to the IETF LWIG working group. Here is the slide deck I presented to the community.

The slides are also available for download.

The idea of my presentation at the Dallas IETF meeting was to get others to enhance the performance investigations to gain a better idea of what can be expected when using state-of-the-art crypto in IETF protocols as part of their IoT platform. The results could be summarized in an IETF draft, such as in the IETF TLS minimal draft of the LWIG group.

Subsequently, I also worked with my co-worker Manuel on a submission to the NIST lightweight cryptography workshop where we summarized our work. The submission summarizes the main findings.

The paper is also available for download.

It turns out to be difficult to find someone who is interested in doing some performance analysis.

Here is what I believe we need:

  • Verification of the existing results.
  • More data from other crypto libraries (or even DTLS/TLS stacks).
  • Tests run on other hardware platforms (such as the Cortex M7).
  • Tests beyond performance, such as RAM usage, flash size, etc.
  • Tests that focus on other algorithms.

If you are interested in this topic and would like to contribute to the work please drop me an email (Hannes.Tschofenig AT arm.com) or via Skype (HannesTschofenig). I am also happy to take a look at prior work you did.

I am convinced it is useful for many engineers and researchers to know how fast the currently available algorithms are on modern IoT hardware.

Apr 15

Dave Thaler, Mary Barnes, and I had the honor to talk to the participants of the IETF#92 meeting in Dallas/Texas about the recently published Smart Object Architecture document, see RFC 7452. The presentation was given during the technical plenary of the Internet Architecture Board (IAB).

A recording of the talk was produced for remote participants.

The slide deck below contains many links to articles offering additional background material. If you encounter problems with the links embedded in the PDF file distributed as part of the IETF meeting proceedings please use the Powerpoint slides instead (those are available for download). We hope that those will be useful for you to educate the community about the messages conveyed in RFC 7452 and the need to take security and privacy in Internet of Things / Smart Object deployments into account.



Jan 15
IIW Meeting Room at the Computer History Museum
Picture of the meeting venue at the Computer History Museum
taken before the show started.


When I attended the last Internet Identity workshop in Mountain View, California Justin Richer gave an OpenID Connect tutorial. I decided to record it since it could be useful for others as well. While my camera ran out of power half-way through the tutorial I believe Justin got the core idea across (and most of the discussion that followed afterwards got skipped).

Anyway, here are the two videos:

OpenID Connect Tutorial (1/2)

OpenID Connect Tutorial (2/2)

More info about OpenID Connect can be found at http://openid.net/connect/.

Internet Identity Workshop
Unconferences, like the IIW, require re-creating
a new agenda every day. A wall with cards is used by
the participants to arrange a satisfactory schedule. 
Jan 15

[Warning: This is not one of my IETF/Internet standardization blog posts.]

It is known to many that I like running; I also talk about it, show pictures from various running events, and offer recommendations. Hence, it is not unreasonable to ask me what recommendations I can offer for someone who wants to start running. Since I got that question a couple of times already I thought I should write a few notes down, as a reference.

It is actually quite simple. So, here are my suggestions:

1) Go to a sports doctor first.

Regardless how old you are and fit you believe you are schedule a visit to a sports doctor. Your motivation to start running will likely vary but you at least want to find out whether there is any problem with your gait. This will also help you to better know what types of shoes to buy since you might need shoes with special insoles or shoes with support for overprontation. Of course, it helps to know if there are some other (potentially not yet known health issues). The latter part is particularly important if you are older and/or overweight.This initial step will help you to prevent all sorts of injuries later, which will inevitably show up as you increase your mileage and intensity (even though you cannot imagine that right now). The money (if you have to pay something at all) then it will be well spent.

Don’t just take the short-cut and use one of these ‘we will find your right shoe’ at fairs or sport shops. They are “nice” but are often done by people with no idea what they are doing.

Finding a suitable sports doctor might be a challenge but you want to search for someone with an education in sport medicine/orthopaedic medicine. Maybe you even find someone who is focused on training athletes. That might sound like an overkill since you are just starting and you are an amateur (and not a professional) but the underlying issues are the same and you can benefit from the expertise gained with professionals.

2) Sign up at a gym (and go there).

This again might surprise you but you need to work on your muscles since running is a full-body sport. You need to improve your muscles at the core of your body (which will most likely be under-developed anyway). You need to strengthen your muscles of the stomach and the back. You will also have to work on your lower part of the body since you want to increase stability.

It is a common misconception that running will already ensure that these other muscles are trained. They are not. If you do not train these muscles you will get injured more easily and you will most likely have pain at different parts of your body (including back, hip, knee, bottom, etc.). Funny enough you will get the pain with a bit of time delay, which makes it very difficult to figure out what the exact reason was. Also, the pain may appear at a place you do not assume (due to the complex structure of the body). In any case, I think this advice is particularly important if you run on trails and in mountains.

3) Get good shoes (and many of them).

Obviously, you will have to buy running shoes. Which shoes to buy will depend on the terrain you are most likely to run in. I would strongly suggest that you run in all terrains and during the entire year (all weather conditions). Why? First, it is less boring and second your body (and particularly your feet) do not get used to a particular style of ground (like road running on asphalt or concrete).

Different types of shoes offer very different properties. Shoes for road running offer little traction support but lots of cushion. Shoes for running mountains will need much more traction (and maybe less cushion, particularly if you are using them only for uphill running). Running during the winter in a cold climate with snow and ice will require shoes with spikes and with insulation (so that you feet do not feel numb after 30 minutes running). As said earlier you will also have to take your posture assessment into account when buying shoes.

Why do I suggest you to buy many pairs? This is part of the ‘provide variation for your body’ story. First, you will hopefully run on different terrain (as suggested earlier) and second even running on the same terrain with different types of shoes will give you a very different experience (and the same is true for your feet as well). Running with minimalistic shoes one day and with regular road running shoes the other day on the same route will feel very different.

If you have the chance to add trail running running to your routine then you want shoes that do not cause you to slip. You might also want some protection against sharp rocks, tree roots, or other stuff.

Note that it is perfectly fine to walk some parts of your running route, particularly if the elevation makes it difficult for you to run the entire course. It is not a shame to walk (even for a runner). With ultra-marathon running you will see everyone (expect for the world leading professionals) walking uphill to safe energy for the later part of the race.

Here is what I am currently using:

Winter Running Shoe

  • Icebug DTS Dri BUGrip

I use this shoe in the winter since it has both studs in the sole and is water resistant. While you can buy products where you can put spikes over your shoes when you need that extra grip those do not give running shoes any water resistance (of course). However, the mesh used by most running shoes offers maximum ventilation to let moisture escape. Unfortunately, this is not very useful for the winter since your feet will be frozen (or at least feel very uncomfortable) even during a short run. Waterproof socks, like those offered by SealSkinz, will give you an extra layer of protection but require your shoes to be bought one size larger (at least) to accommodate for the extra layer of socks. I use SealSkinz socks in addition to Injinji sock liners.

Trail/Mountain Running Shoes

  • Icebug ANIMA BUGrip
  • Icebug Acceleritas 2
  • Innov 8 X Talon 212
  • Salomon Speedcross 3

Since I run a lot on trails I have a number of trail running shoes. For running mountains (uphill only) my favorite is the Innov 8 shoe since it has excellent grip. The Icebug Anima BUGrip is the best since it has lots of studs in the sole and also delivers excellent grip on nearly every terrain. Of course, you don’t want to use it on the road since you would ruing the studs fairly quickly. I use this shoe both in the summer and in the winter. I like it so much that I bought several pairs of it.

Road Running Shoes

  • ASICS Gel Nimbus 14
  • Brook Trance 10

There is not much to say about road running shoes. They may offer overpronation support (if you need it) and typically have a fair amount of cushion to deal with impact of running on a hard surface.

Long Distance Running Shoes

  • Brooks Cascadia 8
  • Hoka One One Stinson B

My favorite here is the Brooks Cascadia and I bought it twice since it worked so well for me in ultra-marathons. While it is said to be a trail running shoe I don’t really see it as such since it completely fails you once the ground is wet. I am looking forward to try the Brooks PureGrit 3 in the near future since it is said to have much better grip.

Minimalistic Running Shoes

  • New Balance Minimus
  • Vibram FiveFinger
  • Saucony Kinvara

I use these shoes only to improve my running style. I have never used them in a race but I did use them in pretty much every terrain (except for mud). They are fun to try but be careful to
start slowly since your feet will need time to get used to them.

3) Nutrition.

Of course, everyone will tell you to eat healthy. Nothing to add to that. If you are not overweight then you will find it easier to run. But don’t get fooled: if you are loosing too much weight then you might just run into problems as well. So, try to maintain a health diet.

Various sports equipment, like sports watches and fitness bands, measure your calorie consumption and it might be easy to believe that you can now eat more since you do all this sport. If you use any of these devices you will notice one important thing: running is a very efficient sport (in terms of the calories you consume per hour compared to other sports like biking or swimming) but you will still be surprised how few calories you consume with a tough run. You should also know that these measurements are not really useful as absolute values since it is hard to measure energy consumption overall. Hence, if you use more than one device you will observe a huge variation. My conclusion after using them for years is that the measured calorie consumption is not really useful for anything. So, don’t get too obsessed about it or even use it as a way to plan your workouts.

Also, don’t be too focused on using energy gels or other products during runs (because advertisement tells you). If you run is too short (everything below 90 mins) then they will not really help you to improve your performance in my opinion. If you run longer than 90 mins then you should take some food with you and everything will basically work. Energy gels are not rocket fuel (even though they sometimes taste like that). Take a banana or a sandwich with you and you will be fine. Anything you like works (as long as it has carbohydrates).

Having something to drink with you is important since dehydration settles in fairly quickly (particularly if it is warm or windy). Water is good enough – you don’t need anything in the water (as long as you take in some additional minerals and salt). Again, this will really only matter if you do long runs (more than 90 mins).

4) Take it easy and have fun.

This is probably the most important advice. I hope you are running because you like it and not because you feel obligated to do it to impress your friends, loose weight, participation in certain running events, etc. Run when you feel like you should go running and enjoy the environment. Run where you see something nice, where you enjoy the scenery, or to meet like-minded persons. Don’t run if you feel fatigued or ill. Training plans are also mostly stupid. Running is more than just collecting miles (kilometers).

If you stay motivated (because you like it) then you will gain much more in the long term.

I also do not believe that you need to train for running events in particular. If you maintain a good fitness level over the entire year then you can just participate in any run that meets your current level. (Of course, it makes no sense to sign up to events that are just far beyond your current fitness level. For example, it is not a good idea to sign up to an ultra-marathon if you haven’t even run a marathon yet. I have seen people doing that and they even managed to finish the race but it was not a pleasant experience for them.)

Note, however, that I am not saying that you shouldn’t try to train along the course of a future running event. Many organizers publish the GPS tracks for their events and so it makes sense to run there prior to the race, if you have the chance to do so. Knowing the terrain you are going to run in a race will help you to know where the difficult segments are, and how the terrain looks like.

I personally like to participate in running events from time to time but I also like to create my own “adventures”. By adventures I mean I put my own running route together on the PC and then load it to my Garmin eTrex 20 and follow the route.

5) Gear.

Needless to say that you need additional equipment beyond running shoes. What exactly you need depends on things like the environment, the weather, the season, the duration of the run, etc. I think the sports watch is something to discuss since many manufacturers have not switched to a service model that requires you to upload all your training data to their website. Sometimes you cannot even configure all settings of your watch anymore without using their cloud services. That’s a bit crazy IMHO.

These watches provide an increasing number of features but some, as mentioned earlier, are not really exact measurements. So, it depends a lot what functionality you are planning to use. I argue that most functionality is pretty useless except for the heart-rate. Knowing the heart rate allows you to know in what intensity zone you are training and how long you will be able to sustain the pace. The heart rate data will only be meaningful if you know your minimum and maximum heart rate and your threshold between the anaerobic and the aerobic zone. Will learn this information when you do your test at the sports doctor (see item #1). This data will vary also between different types of sport and quite naturally between persons. So, don’t compare the absolute hear rate values with your friends. It will be a meaningless comparison!

I have been using sports watches for many years already I have to come to the conclusion that I am actually using very few of their features. The raw data is often uninteresting (such as number of kilometers per run, per week, or per month) and more sophisticated numbers (such as Training Effect, EPOC, or fitness level indicators) often have an unknown meaning (i.e., the sports equipment manufacturers or software providers don’t explain you enough so that you could compute the values your own). There is always some “secret sauce” in those algorithms. So, you might initially be excited about the specific numbers the watch/program calculates for a specific run but then over time you will notice that these numbers are often counter-intuitive. Some sports watches and training programs recommend workouts or indicate the required recovery period. I have been puzzled so many times about the suggestions or indicated values that I have a hard time to believe in those anymore (particularly since the vendors do not disclose their algorithms and often do not even provide a meaningful description of their semantic). Either these vendors assume that you have a PhD in sports medicine (and you are already familiar with the state of the art of the literature) or they assume that you will never understand it anyway.

I stop the rant about sports watches here and let you decide.

Let me switch to the more useful gear and show you what I use. Note that I use this equipment for longer runs in the Austrian mountains. If you run elsewhere you will need to adjust appropriately. (You will quickly see why I don’t agree that running is a cheap sport….)

  • Jacket: I use several jackets depending on the weather condition and the time of the year. During the summer is always take a windbreaker jackets with me. Those are fairly lightweight and give you good protection. With bad weather or in the winter I also take a waterproof jacket with me. I use a jacket from Marmot with a hood. The brand name does not really matter since these waterproof jacket appear to be very similar (maybe I am wrong).
  • Trousers: I prefer to use compression long tights from SKINS even during the summer. First, in the mountains it is always a bit colder and the long tights protect my legs against injuries (when running cross country). Second, the compression gives me a more robust feeling. I also run in shorts, for example the X-BIONIC compression shorts.
  • T-Shirts: Buy a selection of t-shirts with short and long sleeves. You will obviously want to pick a shirt that is suitable for running. There is a wide range of different styles available and you will have to figure out what you like. In many cases, you will also get t-shirts at races (often included in the registration fee) and those are nice since they remind you about past events.
  • Headlamp and Flash Light: When you run in the dark you obviously need a headlamp and/or a flash light. I use both whereby the flash light is a backup. After long research I have decided to buy the Fenix PD35, which has 960 Lumen and is fairly lightweight. I use them with 18650 Li-ion batteries. Picking a headlamp is actually fairly easy IMHO: just pick Lupine Neo X2 or Piko X4. I tried the Piko X4 it is just perfect. The 1200 Lumen give you great visibility, and it is so lightweight (with the small battery) that you barely notice it. (There is the negative side-effect when it comes to the price though…)
  • Gloves. I often take my waterproof SealSkinz gloves with me. When it is really cold then I also use the Pearl iZUMi P.R.O. Softshell Lobster winter gloves. They even keep you warm when you go cycling in the winter in Finland.
  • Hat, cap or bandana. I always use a hat, cap or bandana (Buff) to avoid having sweat in my face and to deal with the sun, wind, cold temperatures. I use a Buff to protect against inhaling cold air but also to protect my neck.
  • First aid kit + rescue whistle and survival blanket: You never know when you need it.
  • Running backbag: I use two running backbags, namely the Salomon S-Lab Advanced Skin Hydro 12 and the Raidlight Ultra Olmo 12L. The Salmon backbag has a great fit (i.e., it does not move around) and has enough pockets and zippers. The Salomon backbag also comes with a whistle and a survival blanket (if I remember correctly). The downside is that it is fairly small. While it is supposed to have a volume of 12l I really doubt that. The Raidlight Ultra Olmo 12L also has a volume of 12l and I can fit twice as much stuff in there. There is, however, a downside to the Raidlight backbag: the fabric they have chosen creates friction and will ruin most of your cloth. Don’t buy it until they have fixed that problem. I still use it after I found out what jackets and what t-shirts work with it (after I managed to destroy several). Both of the backbags allow you to put water flasks in the front. The Raidlight backbag also came with two water bottles.
  • Camera: I often take a camera with me to take pictures and movies of places that look interesting. Of course, there are many of those when you go for a run (particularly in the morning or the evening). The camera I use is an Olympus Tough TG-2. It is fairly lightweight, has a decent spec, and is waterproof, shockproof, crushproof, freezeproof, and dustproof. It does not have any movable parts that can break.
  • Phone. I take the phone with me in case of an emergency (for nothing else). I don’t listen to music while I run since I want to pay attention to the environment and prefer not to get distracted.
  • GPS: I use the eTrex 20 for navigation. I create my route at home using the Garmin Basecamp tool (sometimes using the routes published by race event organizers) and follow those routes. It is an extra device to carry around but it is fairly lightweight and it does what it is supposed to do. I carry it in my hand (and if I don’t need it put it back into one of the pockets of my backbag). It is waterproof, runs on ordinary AA batteries, and works very energy efficient (unlike mobile phones). The user interface is old fashioned but works well with navigation. The eTrex 20 uses a joystick for navigation on the screen, which is pretty useful if you use gloves. Touch screens don’t work too well when the screen is wet (in case you are sweating or if it is raining) and touch screens also do not react nicely to gloves.
  • Trekking Poles: On steep hills and in mountains it is useful to have trekking poles with you. They help you increase your average speed and reduce the impact on your legs, knees, ankles, and feet. In many long trail runs you will notice that the majority uses trekking poles. I am quite happy with my Black Diamond Ultra Distance Z-Poles even though I rarely use them. These poles are fairly lightweight (=290 g/10.2 oz for the 120 cm size) since they are made of carbon fiber. The only downside with this model is that the poles are not adjustable in length.
  • Gaiters: I will write about those in another blog post since I have a love/hate relationship with gaiters.

I should also add that I always take a backup set of jacket, pants, t-shirt, and hat with me when I go on longer runs in the mountains. If you have to stop somewhere it only takes a few minutes to feel cold or even freeze. This is a long list (and a lot of stuff to carry), you will say. That’s correct but it is better to be prepared and carrying a little bit more isn’t such a big deal once you get used to it.

Note: For many (longer) trail runs most of the above listed equipment is mandatory. Hence, you will need to buy it if you want to participate in some of those runs.

There is a lot more to say but I stop here for now.

Dec 14

[UPDATED: 14. January 2015]

Early 2014 we organized a couple of webinars to hear about technologies that allowed to provide authentication of Internet of Things devices and to control access to resources. We learned more about OAuth, Kerberos, and the PKI/certificate model and all talks have been recorded and can be found at http://www.tschofenig.priv.at/wp/?p=1012

In a recent chat with Eve Maler, who co-chairs the Kantara User-Managed Access (UMA) working group, she volunteered to explain their ongoing work to us. Eve is employed by Forgerock, a company developing identity management solutions, and has been working in the identity management space for a very long time.

UMA is a profile and application of OAuth that defines how resource owners can control resource access by clients operated by arbitrary requesting parties, where the resources reside on any number of resource servers, and where a centralized authorization server governs access based on resource owner policy. Recent investigations have shown promise for applying UMA to Internet of Things authorization use cases.

The webinar took place on January 13th 2015 at 8am PST.

The slides and the recording in arf and in mp4 format are available for download.

Aug 14

Various groups in the IETF currently standardize technology for use with constrained devices and the choice of hardware impacts the design of Internet of Things (IoT) systems. To provide guidance RFC 7228 “Terminology for Constrained-Node Networks” defines three classes of devices depending on their RAM and flash memory size. Class 0 characterizes devices that have less than 10 KiB of RAM and less than 100 KiB of flash memory and RFC 7228 adds “… most likely they will not have the resources required to communicate directly with the Internet in a secure manner.” For others even class 2 with ~ 50 KiB of RAM and ~ 250 KiB of flash memory is too constrained.

With the increasing commercial interest in IoT the question about a reasonable hardware configuration surfaces again and again. At the IETF#90 ACE meeting I offered to bring a hardware expert along. Peter Aldworth, a hardware engineer with more than 19 years of experience, lead the discussion at this webinar.

The question about the suitable hardware platform has been particularly interesting in context of security discussions since security protocols tend to consume a fair amount of resources. Since security is often added to an existing design, as an afterthought, various deficiencies are built-in from the get-go.

The webinar took place on Friday, September 12th at 1pm BST (London timezone). The slides as well as a recording of the webinar (in .mp4 and in .wav format) are available for download.

To give you a flavor of the discussion consider this piece of hardware, the Nordic nRF51822-mKIT. It is an example of a recently released Internet of Things development board offering a Bluetooth 4.1 stack. This board allows engineers to create Bluetooth Smart peripherals using the mbed development environment. It uses the ARM Cortex M0 processor with 128 or 256kB flash and 16kB RAM. The ARM Cortex M0 is an example of a frequently used processor in Internet of Things appliances.

May 14

Mid 2013 I posted a summary about ongoing efforts on privacy in the IETF and I got a lots of good feedback. ISOC even published an extended version of the write-up at http://www.internetsociety.org/articles/ietf-privacy-update. Since summer 2013 a lot happened with regards to security and privacy.

Here is another short update based on activities I have seen. Let me know if I miss something.

Pervasive Surveillance 

With the revelations provided by Snowden a mailing list was created to have a venue for IETF security and privacy experts to discuss the implications of various news articles. This mailing list, called “Perpass List“, was established and triggered a rich discussion about what IETF protocols we need to look into. It is difficult to summarize all the discussions but the archives are available. As a side-effect of the discussion the “Using TLS in Applications” (UTA) working group was created to provide guidance for use of TLS in HTTP, XMPP, email, etc.  An important document discussed in this group provides recommendations for secure use of TLS/DTLS. Meetings at the London IETF meeting also discussed various ideas in more details, for example the desire to encrypt DNS exhanges (see http://www.ietf.org/proceedings/89/dnse.html).

The discussions in the IETF about the Snowden revelations were intense. I doubt that any other standardization organization saw a similar volume of discussions.  Quite naturally the Internet Architecture Board (IAB) used this as an opportunity to scheduled the pervasive monitoring topic as a plenary topic and invited several experts, including Bruce Schneier. Details about the plenary (including a video recording) can be found at http://www.ietf.org/media/2013-11-07-internet-privacy-and-security.html. Due to a job change I was unfortunately not able to attend the meeting myself but the plenary lead to a great discussion and resulted to good community feedback. Following the plenary, an IETF draft was produced to capture the feedback from the IETF community. The main message of <draft-farrell-perpass-attack> is rather simple:

“Pervasive monitoring is a technical attack that should be mitigated in the design of IETF protocols, where possible.”

As a follow-up action a workshop was organized. The workshop was called Strengthening the Internet Against Pervasive Monitoring (STRINT) and slides, position papers, and a short transcript can be found at https://www.w3.org/2014/strint/. The event was well attended and the position paper are of great quality. In the meanwhile a first version of the workshop report has been published that describes the conclusions:

“1. Well-implemented cryptography can be effective against pervasive monitoring (PM) and will benefit the Internet if used more,  despite its cost, which is steadily decreasing anyway.

2. Traffic analysis also needs to be considered, but is less well understood in the Internet community: relevant research and protocol mitigations such as data minimisation need to be better understood.

3. Work should continue on progressing the PM threat model draft [I-D.barnes-pervasive-problem] discussed in the workshop.

4. Later, the IETF may be in a position to start to develop an update to BCP 72 [RFC3552], most likely as a new RFC enhancing that BCP and dealing with recommendations on how to mitigate PM and how to reflect that in IETF work.

5. The term “Opportunistic” has been widely used to refer to a possible mitigation strategy for PM. We need to document definition(s) for this term, as it is being used differently by
different people and in different contexts. We may also be able to develop a cookbook-like set of related protocol techniques for developers. Since the workshop, the IETF’s security area has taken up this work, most recently favouring the generic term “Opportunistic Security” (OS) [I-D.kent-opportunistic-security].

6. The technical community could do better in explaining the real technical downsides related to PM in terms that policy makers can understand.

7. Many User Interfaces (UI) could be better in terms of how they present security state, though this is a significantly hard problem. There may be benefits if certain dangerous choices were simply not offered anymore. But that could require significant co-ordination among competing software makers, otherwise some will be considered “broken” by users.

8. Ways to better integrate UI issues into the processes of IETF and W3C needs further discussion.

9. Examples of good software configurations that can be cut-and-paste’d for popular software, etc., can help. This is not necessarily standards work, but maybe the standards organisations can help and can work with those developing such package-specific documentation.

10. The IETF and W3C can do more so that default (“out-of-the-box”) settings for protocols better protect security and privacy.

11. Captive portals, [6] (and some firewalls, too) can and should be distinguished from real man-in-the-middle attacks. This might mean establishing common conventions with makers of such middleboxes, but might also need new protocols. However, the incentives for deploying such new middlebox features might not align.”

As the reference indicate there have been some high-quality contributions, such as threat description, better terminology, that have been submitted to the IETF and are work in progress.


Engineering Privacy into Internet Protocols

The IAB privacy program has been working on the privacy consideration document and it has been published in RFC 6973. As a follow-up action a privacy tutorial was scheduled and held for the first time. Here is the announcement text distributed before the London IETF meeting (March 2014):

Privacy, as with security, has received increasing attention over the last few years as the number of security incidents and privacy violations increased. While security guidance has been offered in RFC 3552 and has been part of the IETF education tutorial for many years privacy related guidance has only been available recently with the publication of RFC 6973. This tutorial aims to provide the audience a brief overview of the privacy threats that engineers may encounter during their protocol work.

A core part of RFC 6973 is on offering guidance, i.e., a set of questions an engineer should ask himself or herself when designing new protocols or protocol extensions to take common privacy concerns into account.

The slides are available here and here. The audio/video recording was, unfortunately, corrupted. I will try to re-create one to make the content available to a wider audience.


The discovery of a severe security vulnerability in the implementation of the TLS protocol (in OpenSSL) illustrated a number of problems in the way how implementations of standards are produced. A lot can be said about what went wrong and there are various ideas about what can be done in the future to avoid similar problems (or at least to communicate them better). To keep it short I would like to point to a great article written by Monika Ermert for the Internet Policy Review, a journal on Internet regulation.


HTTP 2.0 & the “Trusted Proxy”

As mentioned in my summary last year one exciting development in the IETF is happening in the applications area with HTTP 2.0. With the discussions about pervasive surveillance the desire to provide an always-on security for HTTP 2.0 was raised and this would obviously make “deep packet inspection” by Internet service providers and enterprise networks more difficult. Hence, various companies (which are deploying these types of devices) have started to suggest proposals (e.g., draft-loreto-httpbis-trusted-proxy20 and draft-mcgrew-tls-proxy-server) for building a backdoor into Transport Layer Security (TLS) to terminate security somewhere in the middle of the network to inspect the traffic. Needless to say that this triggered some discussions (also at the STRINT workshop, at the privacy tutorial, and at various IETF mailing list). As an example take a look at Section 5.7 of draft-iab-strint-report and at the perpass mailing list.

TLS 1.3

The work on the new version of Transport Layer Security is ongoing and in the meanwhile progress has been made with the availability of a more detailed working draft. Requirements and use cases are being brought forward and support for privacy protection (and protection against pervasive monitoring) are brought forward. Particularly interesting are the discussions related to the use of cryptographic algorithms, which has lead the IRTF Cryptographic Research Group (CFRG) becoming more active. A recent interim meeting from the CFRG meeting was dedicated to the discussion of Elliptic Curve Cryptography (ECC) has shown in this renewed interest. Here is a link to an email from the co-chair David McGrew about the criteria for choosing a new ECC mechanism.





Hannes Tschofenig's Recent Tweets