Home / Blogs

W3C/IAB "Strengthening the Internet" Workshop: Deadline Monday to Submit Position Papers

Dan York

How can the open standards organizations of the IETF and W3C "strengthen the Internet" against large-scale pervasive monitoring? That is the topic up for discussion at the "Strengthening the Internet Against Pervasive Monitoring (STRINT)” workshop planned for February 28 and March 1, 2014, and jointly sponsored by the Internet Architecture Board (IAB) and the W3C.

The workshop is by invitation-only and has a deadline of Monday, January 20, 2014 (by 11:59 UTC) for submission of either position papers or Internet drafts. More information can be found on the "How To Participate” page. As noted in a message to the perpass mailing list today, there are already 43 submissions being considered by the workshop program committee - and while a submission is required to be considered for attendance, not everyone will get a chance to present.

As described on the W3C workshop page, as well as on the similar IAB workshop page, the overall goal of the workshop is to help steer the direction of both IETF and W3C work to strengthen the Internet in the face of the kind of large-scale pervasive monitoring that we've now seen. At the the last IETF meeting, the technical plenary and related sessions concluded that pervasive monitoring represents an "attack" on the Internet's infrastructure. This upcoming workshop is part of the ongoing dialogue about how to prevent these kind of attacks.

Questions to be discussed at the workshop include:

  • What are the pervasive monitoring threat models, and what is their effect on web and Internet protocol security and privacy?
  • What is needed so that web developers can better consider the pervasive monitoring context?
  • How are WebRTC and IoT impacted, and how can they be better protected? Are other key Internet and web technologies potentially impacted?
  • What gaps exist in current tool sets and operational best practices that could address some of these potential impacts?
  • What trade-offs exist between strengthening measures, (e.g. more encryption) and performance, operational or network management issues?
  • How do we guard against pervasive monitoring while maintaining network manageability?
  • Can lower layer changes (e.g., to IPv6, LISP, MPLS) or additions to overlay networks help?
  • How realistic is it to not be fingerprintable on the web and Internet?
  • How can W3C, the IETF and the IRTF better deal with new cryptographic algorithm proposals in future?
  • What are the practical benefits and limits of "opportunistic encryption"?
  • Can we deploy end-to-end crypto for email, SIP, the web, all TCP applications or other applications so that we mitigate pervasive monitoring usefully?
  • How might pervasive monitoring take form or be addressed in embedded systems or different industrial verticals?
  • How do we reconcile caching, proxies and other intermediaries with end-to-end encryption?
  • Can we obfuscate metadata with less overhead than TOR?
  • Considering meta-data: are there relevant differences between protocol artefacts, message sizes and patterns and payloads?

More information about the actual workshop will be published on the STRINT workshop agenda page on February 7, 2014. The sites indicate that all accepted documents will be published for public viewing.

If you're interested in potentially attending and being part of the discussion steering future work on this topic within the IETF and W3C, you have a short window here to submit a paper. Do note that by design this workshop is happening on the weekend prior to IETF 89 in London, where there will then be further discussions coming out of the work that happens at this workshop.

By Dan York, Author and Speaker on Internet technologies. Dan is employed as a Senior Content Strategist with the Internet Society but opinions posted on CircleID are entirely his own. Visit the blog maintained by Dan York here.

Related topics: Censorship, Cyberattack, Internet of Things, Internet Protocol, Privacy, Security, Web

WEEKLY WRAP — Get CircleID's Weekly Summary Report by Email:


To post comments, please login or create an account.

Related Blogs

Related News

Explore Topics

Industry Updates – Sponsored Posts

Verisign Q1 2016 DDoS Trends: Attack Activity Increases 111 Percent Year Over Year

Is Your TLD Threat Mitigation Strategy up to Scratch?

Mobile Web Intelligence Report: Bots and Crawlers May Represent up to 50% of Web Traffic

i2Coalition to Host First Ever Smarter Internet Forum

Encrypting Inbound and Outbound Email Connections with PowerMTA

Resilient Cybersecurity: Dealing with On-Premise, Cloud-Based and Hybrid Security Complexities

Verisign Releases Q4 2015 DDoS Trends - DDoS Attack Activity Increasing by 85% Year Over Year

Best Practices from Verizon - Proactively Mitigating Emerging Fraudulent Activities

Neustar Data Identifies Most Popular Times of Year for DDoS Attacks in 2015

The Framework for Resilient Cybersecurity (Webinar)

DeviceAtlas Brings Device Awareness to HAProxy

Data Volumes and Network Stress to Be Top IoT Concerns

DKIM for ESPs: The Struggle of Living Up to the Ideal

Verisign Mitigates More Attack Activity in Q3 2015 Than Any Other Quarter During Last Two Years

Protect Your Privacy - Opt Out of Public DNS Data Collection

Verisign & Forrester Webinar: Defending Against Cyber Threats in Complex Hybrid-Cloud Environments

Introducing Verisign Public DNS: A Free Recursive DNS Service That Respects Your Privacy

Faster DDoS Mitigation - Introducing Verisign OpenHybrid Customer Activated Mitigation

Verisign's Q2'15 DDoS Trends: DDoS for Bitcoin Increasingly Targets Financial Industry

Protect Your Network From BYOD Malware Threats With The Verisign DNS Firewall

Sponsored Topics



Sponsored by

DNS Security

Sponsored by


Sponsored by
Afilias - Mobile & Web Services


Sponsored by
Afilias - Mobile & Web Services