Home / Blogs

W3C/IAB "Strengthening the Internet" Workshop: Deadline Monday to Submit Position Papers

Dan York

How can the open standards organizations of the IETF and W3C "strengthen the Internet" against large-scale pervasive monitoring? That is the topic up for discussion at the "Strengthening the Internet Against Pervasive Monitoring (STRINT)” workshop planned for February 28 and March 1, 2014, and jointly sponsored by the Internet Architecture Board (IAB) and the W3C.

The workshop is by invitation-only and has a deadline of Monday, January 20, 2014 (by 11:59 UTC) for submission of either position papers or Internet drafts. More information can be found on the "How To Participate” page. As noted in a message to the perpass mailing list today, there are already 43 submissions being considered by the workshop program committee - and while a submission is required to be considered for attendance, not everyone will get a chance to present.

As described on the W3C workshop page, as well as on the similar IAB workshop page, the overall goal of the workshop is to help steer the direction of both IETF and W3C work to strengthen the Internet in the face of the kind of large-scale pervasive monitoring that we've now seen. At the the last IETF meeting, the technical plenary and related sessions concluded that pervasive monitoring represents an "attack" on the Internet's infrastructure. This upcoming workshop is part of the ongoing dialogue about how to prevent these kind of attacks.

Questions to be discussed at the workshop include:

  • What are the pervasive monitoring threat models, and what is their effect on web and Internet protocol security and privacy?
  • What is needed so that web developers can better consider the pervasive monitoring context?
  • How are WebRTC and IoT impacted, and how can they be better protected? Are other key Internet and web technologies potentially impacted?
  • What gaps exist in current tool sets and operational best practices that could address some of these potential impacts?
  • What trade-offs exist between strengthening measures, (e.g. more encryption) and performance, operational or network management issues?
  • How do we guard against pervasive monitoring while maintaining network manageability?
  • Can lower layer changes (e.g., to IPv6, LISP, MPLS) or additions to overlay networks help?
  • How realistic is it to not be fingerprintable on the web and Internet?
  • How can W3C, the IETF and the IRTF better deal with new cryptographic algorithm proposals in future?
  • What are the practical benefits and limits of "opportunistic encryption"?
  • Can we deploy end-to-end crypto for email, SIP, the web, all TCP applications or other applications so that we mitigate pervasive monitoring usefully?
  • How might pervasive monitoring take form or be addressed in embedded systems or different industrial verticals?
  • How do we reconcile caching, proxies and other intermediaries with end-to-end encryption?
  • Can we obfuscate metadata with less overhead than TOR?
  • Considering meta-data: are there relevant differences between protocol artefacts, message sizes and patterns and payloads?

More information about the actual workshop will be published on the STRINT workshop agenda page on February 7, 2014. The sites indicate that all accepted documents will be published for public viewing.

If you're interested in potentially attending and being part of the discussion steering future work on this topic within the IETF and W3C, you have a short window here to submit a paper. Do note that by design this workshop is happening on the weekend prior to IETF 89 in London, where there will then be further discussions coming out of the work that happens at this workshop.

By Dan York, Author and Speaker on Internet technologies. Dan is employed as a Senior Content Strategist with the Internet Society but opinions posted on CircleID are entirely his own. Visit the blog maintained by Dan York here.

Related topics: Censorship, Cyberattack, Internet Protocol, Privacy, Security, Web

WEEKLY WRAP — Get CircleID's Weekly Summary Report by Email:

Comments

To post comments, please login or create an account.

Related Blogs

Related News

Topics

Industry Updates – Sponsored Posts

Verisign's Q2'15 DDoS Trends: DDoS for Bitcoin Increasingly Targets Financial Industry

Protect Your Network From BYOD Malware Threats With The Verisign DNS Firewall

Announcing Verisign IntelGraph: Unprecedented Context for Cybersecurity Intelligence

Introducing the Verisign DNS Firewall

TLD Security, Spec 11 and Business Implications

Verisign Named to the Online Trust Alliance's 2015 Honor Roll

3 Key Steps for SMBs to Protect Their Website and Critical Internet Services

Key Considerations for Selecting a Managed DNS Provider

Verisign Mitigates More DDoS Attacks in Q1 2015 than Any Quarter in 2014

Verisign OpenHybrid for Corero and Amazon Web Services Now Available

Afilias Supports the CrypTech Project - Ambitious Hardware Encryption Effort to Protect User Privacy

Public Sector Experiences Largest Increase in DDoS Attacks (Verisign's Q4 2014 DDoS Trends)

Help Ensure the Availability and Security of Your Enterprise DNS with Verisign Recursive DNS

Verisign iDefense 2015 Cyber-Threats and Trends

Verisign Launches New Monthly Blog Series: Top 10 Keywords Registered in .COM and .NET

Standards and Browser Compatibility

What's in Your Attack Surface?

Q3 2014 DDoS Trends: Attacks Exceeding 10 Gbps on the Rise

.nyc Goes Public to Brand the Big Apple

3 Questions to Ask Your DNS Host About DDoS

Sponsored Topics