NordVPN Promotion

Home / Blogs

W3C/IAB “Strengthening the Internet” Workshop: Deadline Monday to Submit Position Papers

How can the open standards organizations of the IETF and W3C “strengthen the Internet” against large-scale pervasive monitoring? That is the topic up for discussion at the “Strengthening the Internet Against Pervasive Monitoring (STRINT)” workshop planned for February 28 and March 1, 2014, and jointly sponsored by the Internet Architecture Board (IAB) and the W3C.

The workshop is by invitation-only and has a deadline of Monday, January 20, 2014 (by 11:59 UTC) for submission of either position papers or Internet drafts. More information can be found on the “How To Participate” page. As noted in a message to the perpass mailing list today, there are already 43 submissions being considered by the workshop program committee - and while a submission is required to be considered for attendance, not everyone will get a chance to present.

As described on the W3C workshop page, as well as on the similar IAB workshop page, the overall goal of the workshop is to help steer the direction of both IETF and W3C work to strengthen the Internet in the face of the kind of large-scale pervasive monitoring that we’ve now seen. At the the last IETF meeting, the technical plenary and related sessions concluded that pervasive monitoring represents an “attack” on the Internet’s infrastructure. This upcoming workshop is part of the ongoing dialogue about how to prevent these kind of attacks.

Questions to be discussed at the workshop include:

  • What are the pervasive monitoring threat models, and what is their effect on web and Internet protocol security and privacy?
  • What is needed so that web developers can better consider the pervasive monitoring context?
  • How are WebRTC and IoT impacted, and how can they be better protected? Are other key Internet and web technologies potentially impacted?
  • What gaps exist in current tool sets and operational best practices that could address some of these potential impacts?
  • What trade-offs exist between strengthening measures, (e.g. more encryption) and performance, operational or network management issues?
  • How do we guard against pervasive monitoring while maintaining network manageability?
  • Can lower layer changes (e.g., to IPv6, LISP, MPLS) or additions to overlay networks help?
  • How realistic is it to not be fingerprintable on the web and Internet?
  • How can W3C, the IETF and the IRTF better deal with new cryptographic algorithm proposals in future?
  • What are the practical benefits and limits of “opportunistic encryption”?
  • Can we deploy end-to-end crypto for email, SIP, the web, all TCP applications or other applications so that we mitigate pervasive monitoring usefully?
  • How might pervasive monitoring take form or be addressed in embedded systems or different industrial verticals?
  • How do we reconcile caching, proxies and other intermediaries with end-to-end encryption?
  • Can we obfuscate metadata with less overhead than TOR?
  • Considering meta-data: are there relevant differences between protocol artefacts, message sizes and patterns and payloads?

More information about the actual workshop will be published on the STRINT workshop agenda page on February 7, 2014. The sites indicate that all accepted documents will be published for public viewing.

If you’re interested in potentially attending and being part of the discussion steering future work on this topic within the IETF and W3C, you have a short window here to submit a paper. Do note that by design this workshop is happening on the weekend prior to IETF 89 in London, where there will then be further discussions coming out of the work that happens at this workshop.

NORDVPN DISCOUNT - CircleID x NordVPN
Get NordVPN  [74% +3 extra months, from $2.99/month]
By Dan York, Author and Speaker on Internet technologies - and Senior Advisor at Internet Society

Dan is a Senior Advisor at the Internet Society but opinions posted on CircleID are his own. View more of Dan’s writing and audio here.

Visit Page

Filed Under

Comments

Comment Title:

  Notify me of follow-up comments

We encourage you to post comments and engage in discussions that advance this post through relevant opinion, anecdotes, links and data. If you see a comment that you believe is irrelevant or inappropriate, you can report it using the link at the end of each comment. Views expressed in the comments do not represent those of CircleID. For more information on our comment policy, see Codes of Conduct.

CircleID Newsletter The Weekly Wrap

More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

Related

Topics

Threat Intelligence

Sponsored byWhoisXML API

New TLDs

Sponsored byRadix

Brand Protection

Sponsored byCSC

Cybersecurity

Sponsored byVerisign

IPv4 Markets

Sponsored byIPv4.Global

DNS

Sponsored byDNIB.com

Domain Names

Sponsored byVerisign

NordVPN Promotion