Security Area
The IETF Security Area (provides a focal point for security-related technical work in the Internet Engineering Task Force.
Overview[edit | edit source]
This focus area was created on September 6, 1983. The Security Area is home to security protocol working groups, which provide one or more security services, such as integrity, authentication, non-repudiation, confidentiality, access control, and key management. The Security Area intersects with all other Areas as it is concerned with the practical application of ensuring secure protocols and technologies.[1]
Leadership[edit | edit source]
Roman Danyliw and Benjamin Kaduk are the security area directors.
Security Area Directorate[edit | edit source]
The security directorate (SecDir) provides support to the IETF Security Area Directors. There are 50 reviewers in the group, and there are about 20 documents to review each month. The members are Working Group Chairs and others chosen for their technical knowledge in security. The SecDir reviews all IETF documents passing through the Internet Engineering Steering Group (IESG) to improve efficiency. Each member receives one assignment roughly every two months in round-robin order. The reviews are solicited to allow the area directors to focus on troublesome documents. The group also improves the documents and broadens the reviewers' exposure to other parts of the IETF. The reviews do not cause the IESG to block a document; however, they may convince IESG members to block a document.[2]
Working Groups[edit | edit source]
The IETF has 24 working groups.[3]
| Group Acronym | Name | Chairs |
|---|---|---|
| ace | Authentication and Authorization for Constrained Environments | Daniel Migault, Loganaden Velvindron |
| acme | Automated Certificate Management Environment | Deb Cooley, Yoav Nir |
| cose | CBOR Object Signing and Encryption | Mike Jones, Matthew Miller, Ivaylo Petrov |
| curdle | CURves, Deprecating and a Little more Encryption | Daniel Migault, Rich Salz |
| dots | DDoS Open Threat Signaling | Valery Smyslov, Liang Xia |
| emu | EAP Method Update | Joseph Salowey, Mohit Sethi |
| gnap | Grant Negotiation and Authorization Protocol | Leif Johansson, Yaron Sheffer |
| i2nsf | Interface to Network Security Functions | Linda Dunbar, Yoav Nir |
| ipsecme | IP Security Maintenance and Extensions | Tero Kivinen, Yoav Nir |
| kitten | Common Authentication Technology Next Generation | Robbie Harwood, Alexey Melnikov |
| lake | Lightweight Authenticated Key Exchange | Stephen Farrell, Mališa Vučinić |
| lamps | Limited Additional Mechanisms for PKIX and SMIME | Tim Hollebeek, Russ Housley |
| mls | Messaging Layer Security | Nick Sullivan, Sean Turner |
| oauth | Web Authorization Protocol | Rifaat Shekh-Yusef, Hannes Tschofenig |
| openpgp | Open Specification for Pretty Good Privacy | Stephen Farrell, Daniel Gillmor |
| privacypass | Privacy Pass | Joseph Salowey, Benjamin Schwartz |
| rats | Remote ATtestation ProcedureS | Nancy Cam-Winget, Kathleen Moriarty, Ned Smith |
| sacm | Security Automation and Continuous Monitoring | Christopher Inacio, Karen O'Donoghue |
| secdispatch | Security Dispatch | Richard Barnes, Kathleen Moriarty, Mohit Sethi |
| secevent | Security Events | Dick Hardt, Yaron Sheffer |
| suit | Software Updates for Internet of Things | Russ Housley, Dave Thaler, David Waltermire |
| teep | Trusted Execution Environment Provisioning | Nancy Cam-Winget, K. Tirumaleswar Reddy |
| tls | Transport Layer Security | Joseph Salowey, Sean Turner, Christopher Wood |
| trans | Public Notary Transparency | Melinda Shore, Paul Wouters |