News‎ > ‎

IETF 89 London - Fruitful Discussions on Authorization Issues in Constraint Environments

posted Mar 21, 2014, 3:55 AM by Corinna Schmitt   [ updated Jul 21, 2014, 7:47 AM ]
The 89th Internet Engineering Task Force (IETF) event was held in London, England, United Kingdom, on Mach 2-7, 2014 with pre-workshops on the first day. The Internet Engineering Task Force (IETF) is a large open international community of network designers, operators, vendors, and researchers concerned with the evolution of the Internet architecture and the smooth operation of the Internet. It is open to any interested individual. The IETF Mission Statement is documented in RFC 3935. The actual technical work of the IETF is done in its working groups, which are organized by topic into several areas (e.g., routing, transport, security). Much of the work is handled via mailing lists. The IETF holds meetings three times per year. 1300 pre-registered participants from industry and academics were counted for IETF 89 in London.

During the IETF 89 researcher from industry and academics meet in order to present new standardization approaches, discuss them, and to process them to turn them into a RFC. Due to the development in the Internet and the technical standards more and more topics come into focus and become an aim for standardization. Thus, different Birds of a Feather ("BOF") meetings take place in conjunction with each IETF. All presentations and meeting minutes are online available under the following link:

Summarizing the relevant impact of IETF 89 for the project SmartenIT it will be important for external liaisons in WP5 between UZH and FLAMINGO. One part of the external liaisons looks on standardization process for securing data exchange between communication partners and the involved access control mechanisms. Therefore, UZH submitted an updated version of the draft “draft-schmitt-two-way-authentication-for-iot-02” dealing with questions on authentication and authorization. The updated version includes handshake description and certificate creation details, as well as modification within the architecture description section. Corinna Schmitt joint the BOF of the new working group “Authentication and Authorization for Constrained Environments” (ACE) where the current draft is associated. The BOF itself was very successful and waits now for approval as a working group under IETF after charter update. Parallel to discussions during the BOF different individual meetings took place with industry (e.g., Huawei, Ericsson) and academic (e.g., University of Bremen - TZI, University of Oulu – Finland) in order to integrate the draft in right position within the upcoming work in the ACE group. Next to the aforementioned draft UZH is involved in a second draft within ACE named draft-porambage-core-ace-x509-00 dealing with the usage of X.509 certificate in networks with constraint devices.

The main outcome of IETF 89 is that different groups are interesting in the ongoing two-way authentication and certification creation process in constraint environments. All solutions are standard based and, therefore, can be applied to different network setups as assumed in SmartenIT.

Further Information: IETF 89 London - Security Drafts linked to ACE BOF