By: Karen O’Donoghue
Date: March 16, 2018
It’s that time again! In this post of the Rough Guide to IETF 101, I’ll take a quick look at some of the identity, privacy, and encryption related activities at IETF this coming week. Below a few of the many relevant activities are highlighted, but there is much more going on so be sure to check out the full agenda online.
Encryption continues to be a priority of the IETF as well as the security community at large. Related to encryption, there is the TLS working group developing the core specifications, several working groups addressing how to apply the work of the TLS working group to various applications, and the Crypto-Forum Research Group focusing on the details of the underlying cryptographic algorithms.
The Transport Layer Security (TLS) Working Group is a key IETF effort developing core security protocols for the Internet. The big news out of this working group is the IESG approval of the TLS 1.3 specification. There is still some way to go before final publication, but the end is in sight.
There will be two TLS sessions this week. The Monday session will focus primarily on the ongoing discussion of data center operator concerns for the use of DTLS in their environments. There is an updated proposal on a “TLS 1.3 Option for Negotiation of Visibility In the Datacenter”. This is sure to continue to be a contentious topic in the TLS working group as it struggles with whether or not to adopt this work.
The Wednesday session will address a number of ongoing drafts including:
- Datagram Transport Layer Security
- Connection ID
- Exported authenticators
- DNSSEC Chain Extension
- Certificate compression
- Encrypted SNI
- Semi-static DH in TLS1.3
The TLS working group is very active and, as with all things that are really important, there are many diverse opinions to fill the room.
The Using TLS in Applications (UTA) Working Group was chartered to look at updating the definitions for using TLS with various application protocols. It has finished a number of documents already including recommendations for the secure use of TLS and DTLS, use of TLS for XMPP, and the use of TLS server identity check procedures for email. The main portion of the meeting will discuss issues raised on a draft related to Strict Transport Security (STS) for mail (SMTP) transfer agents and mail user agents. Also on the agenda is a draft on an option to require TLS for SMTP. There is a new draft on TLS/DTLS 1.3 profiles for IoT that may get some discussion time, but isn’t currently listed on the agenda.
The next activity of potential interest to the encryption community is the Crypto Forum Research Group (cfrg). A key work item of this research group that is nearing completion is hash based signatures. I also see updated drafts on Verifiable Random Functions, Hashing to Elliptic Curves, and Verifiable Oblivious Pseudorandom Functions. The agenda isn’t posted yet so I’m not sure what else might appear, but I am sure it will be an interesting and engaging discussion.
There are two other sessions that will be of interest to folks generally interested in encryption in protocols.
The first is a BoF on Message Layer Security (mls). Many internet applications need group key-establishment and a message protection protocol with features like asynchronicity, forward secrecy, membership authentication and message authentication. The goal of this proposed working group is to develop a standard security protocol so that applications can share code and so that there can be shared validation of the protocol (as there has been with TLS 1.3), not the interoperability of messaging protocols. The Messaging Layer Security BoF is a working group-forming session exploring whether there is sufficient interest and scope to form a working group on the topic. The agenda includes a problem statement, architecture, draft protocol, a report on formal analysis, and a discussion of charter. Some key drafts include https://datatracker.ietf.org/doc/draft-omara-mls-architecture and https://datatracker.ietf.org/doc/draft-barnes-mls-protocol.
Finally, the QUIC Working Group is striving to provide a standards-track specification for a UDP-based, stream-multiplexing, encrypted transport protocol. This has been a very active working group in the IETF. While this is a Transport Area effort, the fact that encryption is a key aspect and being designed in from the beginning is of interest to encryption enthusiasts.
Moving on from cryptography and encryption, the next set of IETF working groups are related to the certificate infrastructure for the Internet, acme and lamps.
The Automated Certificate Management Environment (acme) Working Group is specifying ways to automate certificate issuance, validation, revocation and renewal. The main order of business at this week’s meeting is to discuss the core specification Automatic Certificate Management Environment. This document has been submitted to the IESG for publication, and this meeting will focus on addressing the feedback received to date. The meeting will also discuss the TLS ALPN challenge, and some STIR topics.
The Limited Additional Mechanisms for PKIX and SMIME (lamps) Working Group is engaged in some maintenance activities around PKIX and SMIME. A number of working group documents have been submitted to the IESG, and this week’s agenda will discuss DNS Certification Authority Authorization (CAA) Resource Record, additional SHAKE algorithms and identifiers, and use of the SHAKE one-way has function in CMS.
Authentication and Authorization
From the certificate infrastructure, we move next to authentication and authorization and the set of related working groups tackling those issues for the IETF.
Anyone with an interest in the Internet of Things (IoT), will be interested in the Authentication and Authorization for Constrained Environments (ace) Working Group. This group is working to develop standardized solutions for authentication and authorization in constrained environments. They published a use cases document last year, and this week’s agenda includes discussion of existing working group documents on authentication and authorization for constrained environments.
The Web Authorization Protocol (oauth) Working Group has been working for years on mechanisms that allow users to grant access to web resources without necessarily compromising long term credentials or even identity. It has been a very prolific working group with around 15 RFCs published to date. IETF 101 will be another busy week for those interested in this area including sessions on both Tuesday and Wednesday. Agenda items for these two sessions include:
- Mutual TLS profile
- Token binding
- JWT best practices
- Device flow
- OAuth security topics
- Incremental authorization
Additionally, the working group will discuss a potential new OAuth client assertion flow and distributed OAuth.
For those new to OAuth, there is an OAuth 2.0 tutorial planned for Sunday afternoon in the first tutorial slot. This is an excellent opportunity to get a detailed introduction to OAuth 2.0 from a key contributor to the work.
There are two additional working groups meeting this coming week that are related to the OAUTH work. The first is the Token Binding (TOKBIND) Working Group that is tasked with specifying a token binding protocol and specifying the use of that protocol with HTTPS. The second is Security Events (SECEVENT) Working Group working on an Event Token specification that includes a JWT extension for expressing security events and a syntax for communicating the event-specific data. Both of these have a strong relationship to the OAuth work.
The Network Time Protocol (NTP) Working Group addresses protocols for the accurate synchronization of clocks on a network. This may seem like a bit of a stretch for a blog post on identity, privacy, and encryption. However, accurate and secure time synchronization turns out to be vitally important for the proper operation of security protocols. The NTP WG has been working on Network Time Security (NTS) which is a significant update for NTP server authentication. This week the NTP NTS effort will focus on getting some implementation work done in the Hackathon in advance of the NTP meeting on Thursday.
For the security crowd, no IETF week is complete without the Security Area Advisory Group (SAAG) meeting. This meeting features a quick run through all the working groups doing security-related work in the IETF across all areas, a set of short talks, and an open session to bring issues and topics forward from the community. The agenda isn’t available yet, but it generally is an excellent session on security in general.
The experiment from IETF 100 on a session to quickly review and decide what to do with specific new work proposals that are being brought forward has resulted in a new working group specifically for this purpose, Security Dispatch (secdispatch). The new working group will meet for the first time this week, and it will address a method for web security policies, considerations For Using Short Term Certificates, use of the Hash-based Merkle Tree Signature (MTS) Algorithm in the
Cryptographic Message Syntax (CMS), and pretty Easy privacy.
Also, don’t forget the IETF Hackathon is held this weekend, before the IETF. This IETF Hackathon has several projects of interest including work on Messaging Layer Security, TLS 1.3 testing and interoperability, EAP TLS with large certificates and long certificate chains, distributed denial of service threat signaling, and Network time security. All the potential projects of this rendition of the IETF Hackathon as listed on the IETF 101 Hackathon wiki site.
Finally, just a quick note to point out that DNS Privacy (DNSPRIV) and the Decentralized IoT Security and Standards (DISS) workshops were successfully held in conjunction with NDSS 2018. The agendas and some materials are online now, and the proceedings will be published in the coming months.
Join us for another full week for identity, and privacy, and encryption related topics here at IETF 101!
Relevant Working Groups at IETF 100:
ace (Authentication and Authorization for Constrained Environments) WG
Monday, 19 March, 09:30-12:00, Balmoral
acme (Automated Certificate Management Environment) WG
Wednesday, 21 March, 15:20-16:50, Buckingham
cfrg – Crypto Forum Research Group
Monday, 19 March, 15:50-17:20, Balmoral
oauth (Web Authorization Protocol) WG
Monday, 19 March, 15:50-17:20, Viscount
Thursday, 22 March, 09:30-12:00, Sandringham
saag (Security Area open meeting)
Thursday, 22 March, 13:30-15:30, Sandringham
Agenda: https://datatracker.ietf.org/meeting/101/materials/agenda-101-saag/ (coming soon)
secdispatch (Security Dispatch)
Tuesday, 20 March, 09:30-12:00, Blenheim
secevent (Security Events) WG
Friday, 23 March, 09:30-11:30, Park Suite
tls – Transport Layer Security
Monday, 19 March, 17:40-18:40, Balmoral
Agenda: https://datatracker.ietf.org/doc/agenda-101-tls-sessa/, https://datatracker.ietf.org/doc/agenda-101-tls-sessb/
tokbind (Token Binding) WG
Wednesday, 21 March, 15:20-16:50, Viscount
uta – Using TLS in Applications
Thursday, 22 March, 18:10-19:10, Blenheim
It will be a busy week in London, and whether you plan to be there or join remotely, there’s much to monitor. Read the full series of Rough Guide to IETF 101 posts, and follow us on the Internet Society blog, Twitter, or Facebook using #IETF101 to keep up with the latest news.