By: Jari Arkko
Date: November 1, 2014
IETF 90 was a great meeting with a good turnout—1,231 people on site from 54 countries. My personal highlights for the week include discussions around the Internet of Things, Internet security and privacy, and the transition of Internet Assigned Numbers Authority (IANA) oversight.
I would like to thank all of our participants, on site and remote, including that participant who sent a robot to attend on his behalf! I would also like to thank our sponsors, specifically Ericsson, our host.
The Internet of Things
This is a big topic for the IETF—we seem to add more work every meeting! Three new items arose this time.
- The low-power and lossy networking Plugfest, where participants tested their implementations against each other. These kind of tests are a big part of the IETF mode of operation. While formally outside the meeting, implementers often gather at the IETF meeting to run such tests.
- The ACE working group (WG), which is focusing on how to bootstrap security and authorisation in a network of smart objects.
- The Bits-n-Bites event, which debuted new format and a focus topic. This time, ten organisations demonstrated Internet of Things solutions to a large audience of interested participants. We will continue the Bits-and-Bites event series at future IETF meetings—please propose focus topics that you would like to see.
Security and Privacy
Earlier this year we concluded that the IETF needs to do its part to ensure that Internet technology provides better tools against mass surveillance activities. Improving the security of the Internet is no easy task, but we are working hard on several fronts, including updating the Transport Layer Security (TLS) and Hypertext Transfer Protocol (HTTP) protocols (see TLS and HTTPBIS working group efforts).
One of the difficult tradeoffs discussed was how increased use of encryption affects caching and other network functions. Although this continues to be a challenge, it is clear that HTTPS remains as an end-to-end security solution. Various caching and secure tunneling solutions may arise for other traffic, however.
The new TCPINC working group had it first meeting on developing a new layer of opportunistic security. This is mainly for applications, such as the Web, that don’t use current transport layer security.
The IETF has been actively discussing the transition since the announcement from the US government in March. I am happy about it, but we at the IETF also see it as a part of longer-term evolution already in place with regards to how we deal with the oversight of IANA. In the last 15 years, we have developed the contracts, oversight mechanisms, and processes on which our part of IANA runs.
Our meeting confirmed that the IETF community believes these mechanisms are sufficient going forward. In the coming weeks and months, we will document how these mechanisms address the oversight requirements. I feel very optimistic about the process. A few weeks after the meeting, we created the IANAPLAN WG as a forum to discuss the topic.
IETF 91 is scheduled for 9–14 November in Honolulu, Hawaii. I would like to welcome everyone to the meeting!
Between meetings, the work of the IETF runs on mailing lists. What can we expect in the coming months? The major projects, such as WebRTC, HTTP 2.0, and so on will continue. Some of the key milestones ahead include the publication of the final HTTP 2.0 RFC (later this year), as well as the conclusion of our part in the IANA transition work (planned for completion within 2014). Please visit our newcomers page if you would like to join us in this important work.