How do we harden the Internet against the kinds of pervasive monitoring and surveillance that has been in recent news? While full solutions may require political and legal actions, are there technical improvements that can be made to underlying Internet infrastructure? As discussed by IETF Chair Jari Arkko in a recent post on the IETF blog, "Plenary on Internet Hardening”, the Technical Plenary at next weeks IETF 88 meeting in Vancouver, BC, Canada, will focus on this incredibly critical issue. The event will include well-known security researcher Bruce Schneier as well as leaders of the Internet Architecture Board (IAB) and IETF.
The IETF 88 Technical plenary will take place on Wednesday, November 6, 2013, from 9:00-11:30 Pacific Time. If you are unable to attend next week's meeting in person, there will be a live video stream available at:
There will also be live text transcription as well as the standard audio streams, Jabber chat rooms and conferencing services available for remote participation. Links to background material, such as recent statements by IETF leaders about pervasive monitoring, can be found on that www.ietf.org/live/ page.
The technical plenary session will summarize recent discussions and suggest potential IETF actions to make large-scale monitoring more difficult. The session will include:
1. Introduction (Bruce Schneier) – What we know and what we do not know.
2. Earlier IETF Debates (Brian Carpenter) – The IETF has several cornerstone documents about Internet security and privacy, including RFCs 1984, 3365, 2804, and 6973.
3. Potential IETF Activities (Stephen Farrell) – Summary of the discussion on the perpass mailing list.
4. Open microphone / discussion time.
Bruce Schneier's participation is not surprising given the widely circulated "call to action" article he wrote in the Guardian on September 5, 2013, that included these pieces:
"This is not the internet the world needs, or the internet its creators envisioned. We need to take it back. And by we, I mean the engineering community. Yes, this is primarily a political problem, a policy matter that requires political intervention. But this is also an engineering problem, and there are several things engineers can — and should — do."
"We need to figure out how to re-engineer the internet to prevent this kind of wholesale spying. We need new techniques to prevent communications intermediaries from leaking private information. We can make surveillance expensive again. In particular, we need open protocols, open implementations, open systems — these will be harder for the NSA to subvert."
"Again, the politics of this is a bigger task than the engineering, but the engineering is critical. We need to demand that real technologists be involved in any key government decision making on these issues. We've had enough of lawyers and politicians not fully understanding technology; we need technologists at the table when we build tech policy.
To the engineers, I say this: we built the internet, and some of us have helped to subvert it. Now, those of us who love liberty have to fix it."
Schneier's recent post, The Battle for Power on the Internet, is also well worth a read.
Schneier will be followed by IETF Security Area Director Stephen Farrell who will discuss the activity that has happened on the open, public "perpass" mailing list and what are potential next steps that can be taken within the IETF. The "open microphone" discussion time that will follow should be quite a lively and interactive discussion.
After the technical plenary is over, there will be a Perpass session starting at 1:00pm Pacific where these next steps will be discussed in even greater detail.
The IETF 88 Technical Plenary should be an outstanding event and you are encouraged to follow along at www.ietf.org/live/ . If you use social media, you can also join (and share!) the Facebook event or Google+ event for the plenary and also follow the IETF on Twitter. You can also join the "perpass" mailing list to be more directly involved in (or at least observing) the technical discussions.
It's very clear that we need to make the Internet more secure against this kind of large-scale pervasive monitoring. Next week's discussions should be a good step in the right direction. Please do join in and help!
By Dan York, Author and Speaker on Internet technologies - and on staff of Internet Society. Dan is employed as a Senior Content Strategist with the Internet Society but opinions posted on CircleID are entirely his own. Visit the blog maintained by Dan York here.
|Data Center||Policy & Regulation|
|DNS Security||Regional Registries|
|Domain Names||Registry Services|
|Intellectual Property||Top-Level Domains|
|Internet of Things||Web|
|Internet Protocol||White Space|
Afilias - Mobile & Web Services