[AfrICANN-discuss] Fwd: W3C/IAB workshop on Strengthening the
Internet Against Pervasive Monitoring (STRINT)
Adiel Akplogan
adiel at afrinic.net
Mon Feb 3 20:07:59 SAST 2014
You may be interested.
- a.
Begin forwarded message:
> From: IAB Chair <iab-chair at iab.org>
> Subject: W3C/IAB workshop on Strengthening the Internet Against Pervasive Monitoring (STRINT)
> Date: 1 December, 2013 19:48:15 PM GMT+04:00
> To: IETF Announce <ietf-announce at ietf.org>
> Cc: IAB <iab at iab.org>, IETF <ietf at ietf.org>
>
>
> W3C/IAB workshop on Strengthening the Internet
> Against Pervasive Monitoring (STRINT)
> ======================================
>
> Logistics/Dates:
>
> Submissions due: Jan 15 2014
> Invitations issued: Jan 31 2014
> Workshop Date: Feb 28 (pm) & Mar 1 (am) 2014
> To be Confirmed - could be all day Mar 1
> Location: Central London, UK. IETF Hotel or nearby (TBC)
> For queries, contact: stephen.farrell at cs.tcd.ie, tech at strews.eu
> Send submissions to: group-strint-submission at w3.org
> Workshop web site: http://www.w3.org/2014/strint/
>
> The Vancouver IETF plenary concluded that pervasive monitoring
> represents an attack on the Internet, and the IETF has begun to
> carry out various of the more obvious actions [1] required to
> try to handle this attack. However, there are additional much
> more complex questions arising that need further consideration
> before any additional concrete plans can be made.
>
> The W3C and IAB will therefore host a one-day workshop on the
> topic of "Strengthening the Internet Against Pervasive
> Monitoring" before IETF-89 in London in March 2014, with support
> from the EU FP7 STREWS [2] project.
>
> Pervasive monitoring targets protocol data that we also need for
> network manageability and security. This data is captured and
> correlated with other data. There is an open problem as to how
> to enhance protocols so as to maintain network manageability and
> security but still limit data capture and correlation.
>
> The overall goal of the workshop is to steer IETF and W3C work
> so as to be able to improve or "strengthen" the Internet in the
> face of pervasive monitoring. A workshop report in the form of
> an IAB RFC will be produced after the event.
>
> Technical questions for the workshop include:
>
> - What are the pervasive monitoring threat models, and what is
> their effect on web and Internet protocol security and privacy?
> - What is needed so that web developers can better consider the
> pervasive monitoring context?
> - How are WebRTC and IoT impacted, and how can they be better
> protected? Are other key Internet and web technologies
> potentially impacted?
> - What gaps exist in current tool sets and operational best
> practices that could address some of these potential impacts?
> - What trade-offs exist between strengthening measures, (e.g.
> more encryption) and performance, operational or network
> management issues?
> - How do we guard against pervasive monitoring while maintaining
> network manageability?
> - Can lower layer changes (e.g., to IPv6, LISP, MPLS) or
> additions to overlay networks help?
> - How realistic is it to not be fingerprintable on the web and
> Internet?
> - How can W3C, the IETF and the IRTF better deal with new
> cryptographic algorithm proposals in future?
> - What are the practical benefits and limits of "opportunistic
> encryption"?
> - Can we deploy end-to-end crypto for email, SIP, the web, all
> TCP applications or other applications so that we mitigate
> pervasive monitoring usefully?
> - How might pervasive monitoring take form or be addressed in
> embedded systems or different industrial verticals?
> - How do we reconcile caching, proxies and other intermediaries
> with end-to-end encryption?
> - Can we obfuscate metadata with less overhead than TOR?
> - Considering meta-data: are there relevant differences between
> protocol artefacts, message sizes and patterns and payloads?
>
> Position papers (maximum of 5 pages using 10pt font or any
> length Internet-Drafts) from academia, industry and others that
> focus on the broader picture and that warrant the kind of
> extended discussion that a full day workshop offers are the most
> welcome. Papers that reflect experience based on running code
> and deployed services are also very welcome. Papers that are
> proposals for point-solutions are less useful in this context,
> and can simply be submitted as Internet-Drafts and discussed on
> relevant IETF or W3C lists, e.g. the IETF perpass list. [3]
>
> The workshop will be by invitation only. Those wishing to attend
> should submit a position paper or Internet-Draft. All inputs
> submitted and considered relevant will be published on the
> workshop web page. The organisers (STREWS project participants,
> IAB and W3C staff) will decide whom to invite based on the
> submissions received. Sessions will be organized according to
> content, and not every accepted submission or invited attendee
> will have an opportunity to present as the intent is to foster
> discussion and not simply to have a sequence of presentations.
>
> [1] http://down.dsg.cs.tcd.ie/misc/perpass.txt
> [2] http://www.strews.eu/
> [3] https://www.ietf.org/mailman/listinfo/perpass
>
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 313 bytes
Desc: Message signed with OpenPGP using GPGMail
Url : https://lists.afrinic.net/pipermail/africann/attachments/20140203/550b52d2/signature.bin
More information about the AfrICANN
mailing list