CINXE.COM

IETF | Security & privacy

<!doctype html><!--[if lt IE 7]> <html lang="en" class="no-js lt-ie9 lt-ie8 lt-ie7"> <![endif]--><!--[if IE 7]> <html lang="en" class="no-js lt-ie9 lt-ie8"> <![endif]--><!--[if IE 8]> <html lang="en" class="no-js lt-ie9"> <![endif]--><!--[if gt IE 8]><!--><html lang="en" class="no-js"><!--<![endif]--><head> <meta charset="utf-8"/><meta http-equiv="X-UA-Compatible" content="IE=edge"/><title>IETF | Security &amp; privacy</title><meta name="description" content="Trust by users in security and privacy on the Internet is a critical part of its success. A range of components, including robust implementations, careful deployment, and appropriate use of security technologies, is required to create a trusted Internet."/><meta name="viewport" content="width=device-width,initial-scale=1"/><meta name="twitter:card" content="summary"/><meta name="twitter:site" content="@ietf"/><meta name="twitter:title" content="Security &amp; privacy"/><meta name="twitter:description" content="Trust by users in security and privacy on the Internet is a critical part of its success. A range of components, including robust implementations, careful deployment, and appropriate use of security technologies, is required to create a trusted Internet."><meta name="twitter:image" content="/media/images/security.original_FLci3N4.jpg"><meta property="fb:app_id" content="159756941186350"/><meta property="og:type" content="website"/><meta property="og:url" content="/technologies/security/"/><meta property="og:title" content="Security &amp; privacy"/><meta property="og:image" content="/media/images/security.original_FLci3N4.jpg"/><meta property="og:description" content="Trust by users in security and privacy on the Internet is a critical part of its success. A range of components, including robust implementations, careful deployment, and appropriate use of security technologies, is required to create a trusted Internet."/><meta property="og:site_name" content="IETF"/> <link href="https://static.ietf.org/fonts/inter/import.css" rel="stylesheet"/> <script defer="defer" src="/static/dist/main.7d84808b4dfd.js"></script><link href="/static/dist/main.b24c4c15ad12.css" rel="stylesheet"></head><body class="template-topic-page"> <header class="header"> <a href="#content" class="visually-hidden visually-hidden-focusable">Skip to main content</a> <nav class="navbar navbar-expand-lg" aria-label="Main" > <div class="container position-relative"> <button class="navbar-toggler navbar-toggler-light" type="button" data-bs-toggle="collapse" data-bs-target="#navbarSupportedContent" aria-controls="navbarSupportedContent" aria-expanded="false" aria-label="Toggle navigation" > <span class="navbar-toggler-icon text-dark"></span> </button> <!-- Mobile search --> <button class="btn btn-link nav-link text-dark ms-3 me-auto d-lg-none" type="button" data-bs-toggle="collapse" data-bs-target="#navbarSearch" aria-controls="navbarSearch" aria-expanded="false" aria-label="Toggle search bar" > <i class="bi bi-search"></i> Search </button> <div class="navbar-brand header__logo-container"> <a class="text-light" href="/"> <img class="header__logo" src="https://static.ietf.org/logos/ietf.svg" alt="IETF logo" /> </a> </div> <div class="collapse navbar-collapse flex-wrap-reverse" id="navbarSupportedContent" > <ul class="navbar-nav col-12 col-xl-auto justify-content-xl-center flex-grow"> <li class="nav-item dropdown position-static"> <button class=" nav-link btn megamenu__toggle text-dark fw-semibold text-uppercase dropdown-toggle pe-1 " id="megamenu-toggle-1" role="button" data-bs-toggle="dropdown" data-bs-auto-close="outside" aria-expanded="false" > About </button> <div class="dropdown-menu megamenu__menu w-100 px-2" aria-labelledby="megamenu-toggle-" > <div class="container py-3"> <div class="row gx-5"> <div class="col-lg-4 d-none d-lg-block"> <div class=""> <p></p> <img src="/media/images/ietf-logo.width-600.jpg" class="w-100 object-fit-cover" /> </div> </div> <div class="col-lg-8"> <h5 class="border-bottom mb-1 pb-1"> <a class="dropdown-item" href="/about/"> About <i class="bi bi-chevron-right"></i> </a> </h5> <ul class="megamenu__linklist"> </ul> <h6 class="mt-3 mb-1 pb-1 border-bottom">Introduction to the IETF</h6> <ul class="megamenu__linklist"> <li> <a class="dropdown-item" href="/about/introduction/"> Introduction to the IETF </a> </li> <li> <a class="dropdown-item" href="https://www.ietf.org/about/introduction/#participants"> Participants </a> </li> <li> <a class="dropdown-item" href="https://www.ietf.org/about/introduction/#mission"> Mission </a> </li> <li> <a class="dropdown-item" href="https://www.ietf.org/about/introduction/#principles"> Principles </a> </li> <li> <a class="dropdown-item" href="https://www.ietf.org/about/introduction/#work"> The work </a> </li> </ul> <h6 class="mt-3 mb-1 pb-1 border-bottom">Structure of the IETF</h6> <ul class="megamenu__linklist"> <li> <a class="dropdown-item" href="/about/groups/iesg/"> Internet Engineering Steering Group </a> </li> <li> <a class="dropdown-item" href="/about/groups/iab/"> Internet Architecture Board </a> </li> <li> <a class="dropdown-item" href="/about/groups/irtf/"> Internet Research Task Force </a> </li> <li> <a class="dropdown-item" href="/about/liaisons/"> Liaisons </a> </li> <li> <a class="dropdown-item" href="/about/groups/nomcom/"> Nominating Committee </a> </li> <li> <a class="dropdown-item" href="/about/groups/trust/"> IETF Trust </a> </li> <li> <a class="dropdown-item" href="/about/groups/rfc-editor/"> RFC Editor </a> </li> <li> <a class="dropdown-item" href="/about/groups/ise/"> Independent Submissions Editor </a> </li> </ul> <h6 class="mt-3 mb-1 pb-1 border-bottom">Legal requests</h6> <ul class="megamenu__linklist"> <li> <a class="dropdown-item" href="/administration/legal-request-procedures/"> Legal request procedures </a> </li> <li> <a class="dropdown-item" href="/administration/legal-requests/"> Legal requests </a> </li> </ul> <h6 class="mt-3 mb-1 pb-1 border-bottom">Administration</h6> <ul class="megamenu__linklist"> <li> <a class="dropdown-item" href="/administration/overview/"> IETF Administration LLC </a> </li> <li> <a class="dropdown-item" href="/administration/announcements/"> Administrative announcements </a> </li> <li> <a class="dropdown-item" href="/administration/reports/"> Administrative reports </a> </li> <li> <a class="dropdown-item" href="/administration/llc-board/"> IETF Administration LLC Board of Directors </a> </li> <li> <a class="dropdown-item" href="/administration/financial-statements/"> Financial statements </a> </li> <li> <a class="dropdown-item" href="/administration/rfps-and-contracts/"> RFPs and contracts </a> </li> <li> <a class="dropdown-item" href="/administration/policies-procedures/"> Administrative policies and procedures </a> </li> <li> <a class="dropdown-item" href="/transparency/"> IETF LLC transparency report </a> </li> </ul> </div> </div> </div> </div> </li> <li class="nav-item dropdown position-static"> <button class=" nav-link btn megamenu__toggle text-dark fw-semibold text-uppercase dropdown-toggle pe-1 " id="megamenu-toggle-2" role="button" data-bs-toggle="dropdown" data-bs-auto-close="outside" aria-expanded="false" > Technologies </button> <div class="dropdown-menu megamenu__menu w-100 px-2" aria-labelledby="megamenu-toggle-" > <div class="container py-3"> <div class="row gx-5"> <div class="col-lg-4 d-none d-lg-block"> <div class=""> <p>The IETF works on a broad range of networking technologies that provide the foundation for the Internet&#x27;s growth and evolution.</p> <img src="/media/images/things.width-600.jpg" class="w-100 object-fit-cover" /> </div> </div> <div class="col-lg-8"> <h5 class="border-bottom mb-1 pb-1"> <a class="dropdown-item" href="/technologies/"> Technologies <i class="bi bi-chevron-right"></i> </a> </h5> <ul class="megamenu__linklist"> <li> <a class="dropdown-item" href="/technologies/netmgmt/"> Automated network management </a> </li> <li> <a class="dropdown-item" href="/technologies/iot/"> The Internet of Things </a> </li> <li> <a class="dropdown-item" href="/technologies/transport/"> New transport technology </a> </li> <li> <a class="dropdown-item" href="/technologies/security/"> Security &amp; privacy </a> </li> </ul> <h6 class="mt-3 mb-1 pb-1 border-bottom">IETF technologies in action</h6> <ul class="megamenu__linklist"> <li> <a class="dropdown-item" href="/technologies/dns/"> Domain Name System </a> </li> </ul> <h6 class="mt-3 mb-1 pb-1 border-bottom">IETF technology groups</h6> <ul class="megamenu__linklist"> <li> <a class="dropdown-item" href="/technologies/areas/"> IETF Areas </a> </li> <li> <a class="dropdown-item" href="/technologies/keywords/"> Working Group keywords </a> </li> </ul> <h6 class="mt-3 mb-1 pb-1 border-bottom">Recent posts about IETF technologies</h6> <ul class="megamenu__linklist"> <li> <a class="dropdown-item" href="/blog/wimse-working-group/"> WIMSE Working Group: Serious business for cloud computing </a> </li> <li> <a class="dropdown-item" href="/blog/green-wg/"> The new GREEN working group gets ready for an energy efficient Internet </a> </li> <li> <a class="dropdown-item" href="/blog/wit-area/"> New IETF Area focuses on web and transport technologies </a> </li> <li> <a class="dropdown-item" href="/blog/edhoc/"> EDHOC - A new lightweight authenticated key exchange protocol provides improved security with less overhead for Internet-of-Things devices </a> </li> </ul> </div> </div> </div> </div> </li> <li class="nav-item dropdown position-static"> <button class=" nav-link btn megamenu__toggle text-dark fw-semibold text-uppercase dropdown-toggle pe-1 " id="megamenu-toggle-5" role="button" data-bs-toggle="dropdown" data-bs-auto-close="outside" aria-expanded="false" > Meetings </button> <div class="dropdown-menu megamenu__menu w-100 px-2" aria-labelledby="megamenu-toggle-" > <div class="container py-3"> <div class="row gx-5"> <div class="col-lg-4 d-none d-lg-block"> <div class=""> <p>While most IETF work takes place online, meetings and other events such as Hackathons provide in-person opportunities to advance work within the IETF.</p> <img src="/media/images/_MG_4832.width-600.jpg" class="w-100 object-fit-cover" /> </div> </div> <div class="col-lg-8"> <h5 class="border-bottom mb-1 pb-1"> <a class="dropdown-item" href="/meeting/"> Meetings <i class="bi bi-chevron-right"></i> </a> </h5> <ul class="megamenu__linklist"> <li> <a class="dropdown-item" href="/meeting/122/"> IETF 122 Bangkok </a> </li> <li> <a class="dropdown-item" href="/meeting/123/"> IETF 123 Madrid </a> </li> <li> <a class="dropdown-item" href="/meeting/124/"> IETF 124 Montreal </a> </li> <li> <a class="dropdown-item" href="/meeting/upcoming/"> Upcoming meetings </a> </li> <li> <a class="dropdown-item" href="/meeting/past/"> Past meetings </a> </li> <li> <a class="dropdown-item" href="/meeting/interim/"> Interim meetings </a> </li> <li> <a class="dropdown-item" href="/meeting/hackathons/"> IETF Hackathons </a> </li> <li> <a class="dropdown-item" href="/meeting/code-sprint/"> Code Sprint </a> </li> </ul> <h6 class="mt-3 mb-1 pb-1 border-bottom">Participation information</h6> <ul class="megamenu__linklist"> <li> <a class="dropdown-item" href="/meeting/preparation/"> Preparing for an IETF Meeting </a> </li> <li> <a class="dropdown-item" href="/meeting/guide-ietf-meetings/"> Guide to IETF Meetings </a> </li> <li> <a class="dropdown-item" href="/meeting/technology/"> Meeting network and technology </a> </li> <li> <a class="dropdown-item" href="/meeting/new-participants/"> New Participants </a> </li> <li> <a class="dropdown-item" href="/participate/guides/"> IETF Guides program </a> </li> <li> <a class="dropdown-item" href="/meeting/terms-and-conditions/"> IETF meeting terms and conditions </a> </li> </ul> <h6 class="mt-3 mb-1 pb-1 border-bottom">Organizing meetings</h6> <ul class="megamenu__linklist"> <li> <a class="dropdown-item" href="/meeting/planning/"> Meeting planning </a> </li> <li> <a class="dropdown-item" href="/support-us/sponsorship/"> Meeting sponsorship </a> </li> </ul> </div> </div> </div> </div> </li> <li class="nav-item dropdown position-static"> <button class=" nav-link btn megamenu__toggle text-dark fw-semibold text-uppercase dropdown-toggle pe-1 " id="megamenu-toggle-4" role="button" data-bs-toggle="dropdown" data-bs-auto-close="outside" aria-expanded="false" > Process </button> <div class="dropdown-menu megamenu__menu w-100 px-2" aria-labelledby="megamenu-toggle-" > <div class="container py-3"> <div class="row gx-5"> <div class="col-lg-4 d-none d-lg-block"> <div class=""> <p>The IETF is the premier Internet standards organization. It follows open and well-documented processes for setting these standards. Once published, those standards are made freely available.</p> </div> </div> <div class="col-lg-8"> <h5 class="border-bottom mb-1 pb-1"> <a class="dropdown-item" href="/process/"> Process <i class="bi bi-chevron-right"></i> </a> </h5> <ul class="megamenu__linklist"> <li> <a class="dropdown-item" href="/process/process/"> Internet standards process </a> </li> <li> <a class="dropdown-item" href="/process/wgs/"> Guide to IETF Working Groups </a> </li> <li> <a class="dropdown-item" href="/process/bofs/"> Birds of a Feather </a> </li> <li> <a class="dropdown-item" href="/process/iana/"> Protocol registries (IANA) </a> </li> <li> <a class="dropdown-item" href="/process/ipr/"> Intellectual property rights </a> </li> <li> <a class="dropdown-item" href="/process/directorates/"> Directorates and teams </a> </li> <li> <a class="dropdown-item" href="/process/informal/"> The IETF process: an informal guide </a> </li> <li> <a class="dropdown-item" href="/process/new-work/"> Bringing new work to the IETF </a> </li> </ul> <h6 class="mt-3 mb-1 pb-1 border-bottom">RFCs</h6> <ul class="megamenu__linklist"> <li> <a class="dropdown-item" href="/process/rfcs/"> About RFCs </a> </li> <li> <a class="dropdown-item" href="/about/groups/rfc-editor/"> RFC Editor </a> </li> <li> <a class="dropdown-item" href="https://www.ietf.org/process/rfcs/#availability-and-use"> Availability and Use </a> </li> <li> <a class="dropdown-item" href="https://www.ietf.org/process/rfcs/#formats"> Publication formats </a> </li> <li> <a class="dropdown-item" href="https://www.ietf.org/process/rfcs/#statuses"> Statuses </a> </li> <li> <a class="dropdown-item" href="https://www.ietf.org/process/rfcs/#streams"> Publication streams </a> </li> <li> <a class="dropdown-item" href="https://www.ietf.org/process/rfcs/#errata"> Corrections and errata </a> </li> <li> <a class="dropdown-item" href="/process/rfcs/vulnerabilities/"> Reporting protocol vulnerabilities to the IETF </a> </li> </ul> <h6 class="mt-3 mb-1 pb-1 border-bottom">Standards process details</h6> <ul class="megamenu__linklist"> <li> <a class="dropdown-item" href="/process/process/informational-vs-experimental/"> Choosing between Informational and Experimental Status </a> </li> <li> <a class="dropdown-item" href="/process/process/role-iesg-standards-process/"> The role of the IESG in the Standards process </a> </li> <li> <a class="dropdown-item" href="https://datatracker.ietf.org/group/iesg/appeals/"> Appeals to the IESG </a> </li> <li> <a class="dropdown-item" href="/process/process/iesg-ballots/"> IESG ballot procedures </a> </li> <li> <a class="dropdown-item" href="/process/informal/"> The IETF process: an informal guide </a> </li> </ul> </div> </div> </div> </div> </li> <li class="nav-item dropdown position-static"> <button class=" nav-link btn megamenu__toggle text-dark fw-semibold text-uppercase dropdown-toggle pe-1 " id="megamenu-toggle-3" role="button" data-bs-toggle="dropdown" data-bs-auto-close="outside" aria-expanded="false" > Participate </button> <div class="dropdown-menu megamenu__menu w-100 px-2" aria-labelledby="megamenu-toggle-" > <div class="container py-3"> <div class="row gx-5"> <div class="col-lg-4 d-none d-lg-block"> <div class=""> <p>The global IETF community works together in many different ways to produce high quality, relevant technical documents that influence the way people design, use, and manage the Internet.</p> </div> </div> <div class="col-lg-8"> <h5 class="border-bottom mb-1 pb-1"> <a class="dropdown-item" href="/participate/"> Participate <i class="bi bi-chevron-right"></i> </a> </h5> <ul class="megamenu__linklist"> <li> <a class="dropdown-item" href="/participate/get-started/"> Getting started in the IETF </a> </li> <li> <a class="dropdown-item" href="/participate/ids/"> Internet-Drafts </a> </li> <li> <a class="dropdown-item" href="/participate/ietf-systers/"> IETF Systers </a> </li> </ul> <h6 class="mt-3 mb-1 pb-1 border-bottom">Tools and services</h6> <ul class="megamenu__linklist"> <li> <a class="dropdown-item" href="/participate/lists/"> Mailing lists </a> </li> <li> <a class="dropdown-item" href="/participate/tools/"> Tools and Services </a> </li> <li> <a class="dropdown-item" href="/about/open-records/"> Open records </a> </li> <li> <a class="dropdown-item" href="https://chairs.ietf.org"> Chairs Resources </a> </li> <li> <a class="dropdown-item" href="https://authors.ietf.org"> I-D Authors Resources </a> </li> </ul> <h6 class="mt-3 mb-1 pb-1 border-bottom">Participation guides</h6> <ul class="megamenu__linklist"> <li> <a class="dropdown-item" href="/meeting/guide-ietf-meetings/"> Guide to IETF Meetings </a> </li> <li> <a class="dropdown-item" href="/process/wgs/"> Guide to IETF Working Groups </a> </li> <li> <a class="dropdown-item" href="/participate/roles/"> Roles in the IETF </a> </li> </ul> <h6 class="mt-3 mb-1 pb-1 border-bottom">Key policies</h6> <ul class="megamenu__linklist"> <li> <a class="dropdown-item" href="/about/note-well/"> Note Well - A reminder of IETF policies </a> </li> <li> <a class="dropdown-item" href="https://datatracker.ietf.org/doc/statement-iesg-ietf-anti-harassment-policy-20131103/"> Anti-harassment policy </a> </li> <li> <a class="dropdown-item" href="https://www.rfc-editor.org/info/bcp9"> Internet Standards process (BCP 9) </a> </li> <li> <a class="dropdown-item" href="https://www.rfc-editor.org/info/bcp25"> Working Group processes (BCP 25) </a> </li> <li> <a class="dropdown-item" href="https://www.rfc-editor.org/rfc/rfc7154.html"> Guidelines for conduct (BCP 54) </a> </li> <li> <a class="dropdown-item" href="https://www.rfc-editor.org/rfc/rfc5378.html"> Copyright (BCP 78) </a> </li> <li> <a class="dropdown-item" href="https://www.rfc-editor.org/rfc/rfc8179.html"> Patents, Participation (BCP 79) </a> </li> <li> <a class="dropdown-item" href="/privacy-statement/"> IETF/IRTF/IAB Privacy Statement </a> </li> </ul> </div> </div> </div> </div> </li> <li class="nav-item dropdown position-static"> <button class=" nav-link btn megamenu__toggle text-dark fw-semibold text-uppercase dropdown-toggle pe-1 " id="megamenu-toggle-6" role="button" data-bs-toggle="dropdown" data-bs-auto-close="outside" aria-expanded="false" > Support us </button> <div class="dropdown-menu megamenu__menu w-100 px-2" aria-labelledby="megamenu-toggle-" > <div class="container py-3"> <div class="row gx-5"> <div class="col-lg-4 d-none d-lg-block"> <div class=""> <p>By supporting the IETF today, you are ensuring a free and open Internet exists tomorrow.</p> <img src="/media/images/IMG_15.width-600.jpg" class="w-100 object-fit-cover" /> </div> </div> <div class="col-lg-8"> <h5 class="border-bottom mb-1 pb-1"> <a class="dropdown-item" href="/support-us/"> Support us <i class="bi bi-chevron-right"></i> </a> </h5> <ul class="megamenu__linklist"> <li> <a class="dropdown-item" href="/support-us/why-support/"> Why we need your support </a> </li> <li> <a class="dropdown-item" href="/support-us/donors/"> IETF financial supporters </a> </li> <li> <a class="dropdown-item" href="/support-us/donate-ietf/"> Donate to the IETF </a> </li> </ul> <h6 class="mt-3 mb-1 pb-1 border-bottom">Ways to give</h6> <ul class="megamenu__linklist"> <li> <a class="dropdown-item" href="/support-us/endowment/"> IETF Endowment </a> </li> <li> <a class="dropdown-item" href="/support-us/sponsorship/"> Meeting sponsorship </a> </li> <li> <a class="dropdown-item" href="/support-us/donate/"> Other ways to give </a> </li> <li> <a class="dropdown-item" href="/support-us/technical-foundations/"> Technical foundations for business </a> </li> </ul> <h6 class="mt-3 mb-1 pb-1 border-bottom">Supporting values</h6> <ul class="megamenu__linklist"> <li> <a class="dropdown-item" href="/runningcode/"> Running Code </a> </li> <li> <a class="dropdown-item" href="/sustainability/"> Sustainability </a> </li> <li> <a class="dropdown-item" href="/diversity/"> Diversity and Inclusion </a> </li> <li> <a class="dropdown-item" href="/open-internet/"> Open Internet </a> </li> </ul> </div> </div> </div> </div> </li> </ul> <ul class="navbar-nav col-xl-auto"> <li class=" nav-item " > <a class=" nav-link btn text-dark " href="/blog/" >News &amp; blog</a> </li> <li class="nav-item d-none d-lg-inline-block"> <a href="/search" class="btn text-dark nav-link" role="button" data-bs-toggle="collapse" data-bs-target="#navbarSearch" aria-controls="navbarSearch" aria-expanded="false" aria-label="Toggle search bar" > <i class="bi bi-search"></i> Search </a> </li> </ul> </div> </div> </nav> <div class="collapse" id="navbarSearch"> <div class="container"> <div class="row justify-content-center"> <form class="input-group mt-3 mb-3 col-md-8 col-lg-6" action="/search/" method="get" name="search" > <input id="search" type="search" class="form-control" placeholder="Search" aria-label="Search" name="query" required /> <button type="submit" class="btn btn-primary" aria-label="Submit website search">Go</button> </form> </div> </div> </div> </header> <main id="content"> <div class="bg-white"> <div class="container"> <nav aria-label="breadcrumbs"> <ol class="breadcrumb bg-transparent pt-3 mb-3 "> <li class="breadcrumb-item"><a class="text-dark" aria-label="Home" href="/"><i class="bi bi-house-door-fill"></i></a></li> <li class="breadcrumb-item "><a class="text-dark" href="/technologies/">Technologies</a></li> </ol> </nav> <div class="row pb-4"> <div class="col-12 col-lg-8 col-xl-9 order-3 order-lg-2"> <h1>Security &amp; privacy</h1> <p class="lead u-max-text-width">Trust by users in security and privacy on the Internet is a critical part of its success. A range of components, including robust implementations, careful deployment, and appropriate use of security technologies, is required to create a trusted Internet.</p> </div> <div class="col-12 col-lg-4 col-xl-3 order-2 order-lg-3 text-lg-right mb-3 mb-lg-0"> <img src="/media/images/security.original_FLci3N4.jpg" alt="security" class="thumb-img border border-primary"> </div> </div> </div> </div> <div class="bg-white"> <div class="container"> <div class="row g-0 align-items-start justify-content-between"> <div class="col-12 col-lg-8 col-xl-9"> <div class="no-js-hide u-max-text-width pe-lg-3"> <div class="mb-3 pt-3 pt-lg-3 border-top"> <div class=""> <div id="key-info" class=""> <div class="block-paragraph"><p data-block-key="33lt2">Technical standards and Best Current Practice聽documents developed in the IETF provide important foundational elements for security and privacy on the Internet. IETF standards strive to be resilient against a host of known and聽emerging threats. Internet security has long been an integral part of the process of developing Internet standards: for more than 20 years, all RFCs have been required to include a section that discusses the security considerations of the protocol or procedures that are the main topic of the RFC.<br/></p></div> <div class="block-paragraph"><p data-block-key="62fan">The <a href="https://datatracker.ietf.org/group/sec/about/">IETF Security Area</a>, with more than 20 <a href="https://datatracker.ietf.org/wg/#sec">active Working Groups</a>, provides a focal point for security-related technical work in the IETF. Their work includes:</p><ul><li data-block-key="sdrl0">enabling secure and privacy-preserving communications;聽<br/></li><li data-block-key="rp54e">helping collect, verify, understand, and update the state of network end-points; and<br/></li><li data-block-key="mqnjh">providing protocols and applications the means to handle the authentication, authorization, and accounting of users, applications, and devices.</li></ul><p data-block-key="5fmdv"></p><p data-block-key="t2xz8">The <a href="https://datatracker.ietf.org/group/secdir/about/">IETF Security Directorate</a>, consisting of the Working Group Chairs of the Security Area and selected individuals chosen for聽their technical knowledge in security, work with other groups within the IETF to help ensure IETF protocols provide an appropriate level of security for their intended usage.</p><p data-block-key="ktt16">A few recent and current efforts underway in the IETF are described below:</p></div> <div class="block-paragraph"><ul><li data-block-key="e8ry3">The latest version of the Transport Layer Security protocol, TLS 1.3, <a href="https://www.ietf.org/blog/tls13/">updates the most important security protocol on the Internet</a>. TLS 1.3 delivers superior privacy, security, and performance over previous versions. This capability is a foundation of online commerce, medicine, and other sensitive transactions. For these and many other uses it is critical that transmitted information not be tampered with, forged, or read by anyone other than the sender and receiver. These features have been a key part of the Internet鈥檚 growth and are critical to many uses today. Importantly, given the significant improvements TLS 1.3 provides, its adoption rate since publication as a standard is increasing five times faster than the previous version.</li></ul></div> <div class="block-paragraph"><ul><li data-block-key="1wirg">The Automated Certificate Management Environment (<a href="https://www.ietf.org/blog/acme/">ACME</a>) protocol, recently published as RFC 8555, lets you set up a secure website in just a few seconds. When you connect to your bank or your health care provider over the Internet, you need to know that you鈥檙e actually talking to them, and not a bad actor who is impersonating them and might steal your information or tamper with the transaction. Security protocols such as <a href="https://www.ietf.org/blog/tls13/">TLS 1.3</a> provide encryption that protects you from everyone except the other side of the connection, but don鈥檛 themselves allow you to verify who that person is. ACME automates all the steps needed to verify that the other side of a secure connection is who you think it is, unlocking the potential for universal encryption on the Internet.</li></ul></div> <div class="block-paragraph"><ul><li data-block-key="wu5ep">As an evolution of existing technologies for secure two-party communication, development of the emerging Messaging Layering Security (MLS) protocol has seen strong participation by significant industry players. MLS aims to provide a standards-based approach for message protection within groups, potentially very large ones. MLS aims to ensure message confidentiality, integrity and forward secrecy, which ensures previously sent messages remain confidential even if the system is compromised at some point in the future. Several widely-deployed applications have developed their own protocols to meet these kinds of needs. While these independently-developed聽 protocols are similar, no two are close enough to interoperate at a cryptographic level. The MLS Working Group is following the approach used in the development of TLS 1.3, benefiting from broad participation by industry and cryptographic researchers to implement and verify the protocol as it works towards standardization.</li></ul></div> </div> </div> </div> </div> <noscript> <div class="block-paragraph"><p data-block-key="33lt2">Technical standards and Best Current Practice聽documents developed in the IETF provide important foundational elements for security and privacy on the Internet. IETF standards strive to be resilient against a host of known and聽emerging threats. Internet security has long been an integral part of the process of developing Internet standards: for more than 20 years, all RFCs have been required to include a section that discusses the security considerations of the protocol or procedures that are the main topic of the RFC.<br/></p></div> <div class="block-paragraph"><p data-block-key="62fan">The <a href="https://datatracker.ietf.org/group/sec/about/">IETF Security Area</a>, with more than 20 <a href="https://datatracker.ietf.org/wg/#sec">active Working Groups</a>, provides a focal point for security-related technical work in the IETF. Their work includes:</p><ul><li data-block-key="sdrl0">enabling secure and privacy-preserving communications;聽<br/></li><li data-block-key="rp54e">helping collect, verify, understand, and update the state of network end-points; and<br/></li><li data-block-key="mqnjh">providing protocols and applications the means to handle the authentication, authorization, and accounting of users, applications, and devices.</li></ul><p data-block-key="5fmdv"></p><p data-block-key="t2xz8">The <a href="https://datatracker.ietf.org/group/secdir/about/">IETF Security Directorate</a>, consisting of the Working Group Chairs of the Security Area and selected individuals chosen for聽their technical knowledge in security, work with other groups within the IETF to help ensure IETF protocols provide an appropriate level of security for their intended usage.</p><p data-block-key="ktt16">A few recent and current efforts underway in the IETF are described below:</p></div> <div class="block-paragraph"><ul><li data-block-key="e8ry3">The latest version of the Transport Layer Security protocol, TLS 1.3, <a href="https://www.ietf.org/blog/tls13/">updates the most important security protocol on the Internet</a>. TLS 1.3 delivers superior privacy, security, and performance over previous versions. This capability is a foundation of online commerce, medicine, and other sensitive transactions. For these and many other uses it is critical that transmitted information not be tampered with, forged, or read by anyone other than the sender and receiver. These features have been a key part of the Internet鈥檚 growth and are critical to many uses today. Importantly, given the significant improvements TLS 1.3 provides, its adoption rate since publication as a standard is increasing five times faster than the previous version.</li></ul></div> <div class="block-paragraph"><ul><li data-block-key="1wirg">The Automated Certificate Management Environment (<a href="https://www.ietf.org/blog/acme/">ACME</a>) protocol, recently published as RFC 8555, lets you set up a secure website in just a few seconds. When you connect to your bank or your health care provider over the Internet, you need to know that you鈥檙e actually talking to them, and not a bad actor who is impersonating them and might steal your information or tamper with the transaction. Security protocols such as <a href="https://www.ietf.org/blog/tls13/">TLS 1.3</a> provide encryption that protects you from everyone except the other side of the connection, but don鈥檛 themselves allow you to verify who that person is. ACME automates all the steps needed to verify that the other side of a secure connection is who you think it is, unlocking the potential for universal encryption on the Internet.</li></ul></div> <div class="block-paragraph"><ul><li data-block-key="wu5ep">As an evolution of existing technologies for secure two-party communication, development of the emerging Messaging Layering Security (MLS) protocol has seen strong participation by significant industry players. MLS aims to provide a standards-based approach for message protection within groups, potentially very large ones. MLS aims to ensure message confidentiality, integrity and forward secrecy, which ensures previously sent messages remain confidential even if the system is compromised at some point in the future. Several widely-deployed applications have developed their own protocols to meet these kinds of needs. While these independently-developed聽 protocols are similar, no two are close enough to interoperate at a cryptographic level. The MLS Working Group is following the approach used in the development of TLS 1.3, benefiting from broad participation by industry and cryptographic researchers to implement and verify the protocol as it works towards standardization.</li></ul></div> </noscript> <div class="d-none d-lg-block"> </div> </div> <nav aria-label="In this section" class="bg-body border col-12 col-lg-4 col-xl-3 p-3 p-lg-5 mb-4"> <h2 class="h5 mb-3"><a class="text-dark" href="/technologies/">Technologies</a></h2> <div class="block-paragraph"> <ul class="list-unstyled"> <li class="mb-1"><a class="text-dark" href="/technologies/netmgmt/">Automated network management</a></li> <li class="mb-1"><a class="text-dark" href="/technologies/iot/">The Internet of Things</a></li> <li class="mb-1"><a class="text-dark" href="/technologies/transport/">New transport technology</a></li> <li class="mb-1"> <a href="/technologies/security/" aria-current="page">Security &amp; privacy</a> </li> </ul> </div> </nav> </div> </div> </div> <div class="d-lg-none"> </div> </main> <footer class="bg-dark text-light py-1"> <div class="container my-5"> <div class="row"> <section class="col-lg"> <div class="border-bottom u-border-lg-bottom-0 border-light border-opacity-50"> <h4 class="my-0 py-4 fs-6" role="button" aria-expanded="false"> About <i class="bi bi-chevron-down"></i> </h4> <ul class="list-unstyled opacity-75 d-grid gap-2"> <li class="nav-item"> <a href="/about/introduction/" class="link-underline-opacity-0 link-light fw-semibold lh-base" > Introduction to the IETF </a> </li> <li class="nav-item"> <a href="/about/groups/iesg/" class="link-underline-opacity-0 link-light fw-semibold lh-base" > Internet Engineering Steering Group </a> </li> <li class="nav-item"> <a href="/administration/" class="link-underline-opacity-0 link-light fw-semibold lh-base" > Administration </a> </li> <li class="nav-item"> <a href="/policies/" class="link-underline-opacity-0 link-light fw-semibold lh-base" > Privacy and policies </a> </li> <li class="nav-item"> <a href="/contact/" class="link-underline-opacity-0 link-light fw-semibold lh-base" > Contact us </a> </li> </ul> </div> </section> <section class="col-lg"> <div class="border-bottom u-border-lg-bottom-0 border-light border-opacity-50"> <h4 class="my-0 py-4 fs-6" role="button" aria-expanded="false"> Technologies <i class="bi bi-chevron-down"></i> </h4> <ul class="list-unstyled opacity-75 d-grid gap-2"> <li class="nav-item"> <a href="/technologies/netmgmt/" class="link-underline-opacity-0 link-light fw-semibold lh-base" > Automated network management </a> </li> <li class="nav-item"> <a href="/technologies/iot/" class="link-underline-opacity-0 link-light fw-semibold lh-base" > The Internet of Things </a> </li> <li class="nav-item"> <a href="/technologies/transport/" class="link-underline-opacity-0 link-light fw-semibold lh-base" > New transport technology </a> </li> <li class="nav-item"> <a href="/technologies/security/" class="link-underline-opacity-0 link-light fw-semibold lh-base" > Security &amp; privacy </a> </li> <li class="nav-item"> <a href="/technologies/areas/" class="link-underline-opacity-0 link-light fw-semibold lh-base" > IETF Areas </a> </li> </ul> </div> </section> <section class="col-lg"> <div class="border-bottom u-border-lg-bottom-0 border-light border-opacity-50"> <h4 class="my-0 py-4 fs-6" role="button" aria-expanded="false"> Meetings <i class="bi bi-chevron-down"></i> </h4> <ul class="list-unstyled opacity-75 d-grid gap-2"> <li class="nav-item"> <a href="/meeting/upcoming/" class="link-underline-opacity-0 link-light fw-semibold lh-base" > Upcoming meetings </a> </li> <li class="nav-item"> <a href="/meeting/past/" class="link-underline-opacity-0 link-light fw-semibold lh-base" > Past meetings </a> </li> <li class="nav-item"> <a href="/meeting/hackathons/" class="link-underline-opacity-0 link-light fw-semibold lh-base" > IETF Hackathons </a> </li> <li class="nav-item"> <a href="/meeting/preparation/" class="link-underline-opacity-0 link-light fw-semibold lh-base" > Preparing for an IETF Meeting </a> </li> <li class="nav-item"> <a href="/meeting/guide-ietf-meetings/" class="link-underline-opacity-0 link-light fw-semibold lh-base" > Guide to IETF Meetings </a> </li> </ul> </div> </section> <section class="col-lg"> <div class="border-bottom u-border-lg-bottom-0 border-light border-opacity-50"> <h4 class="my-0 py-4 fs-6" role="button" aria-expanded="false"> Participate <i class="bi bi-chevron-down"></i> </h4> <ul class="list-unstyled opacity-75 d-grid gap-2"> <li class="nav-item"> <a href="/participate/get-started/" class="link-underline-opacity-0 link-light fw-semibold lh-base" > Getting started in the IETF </a> </li> <li class="nav-item"> <a href="/meeting/guide-ietf-meetings/" class="link-underline-opacity-0 link-light fw-semibold lh-base" > Guide to IETF Meetings </a> </li> <li class="nav-item"> <a href="/process/wgs/" class="link-underline-opacity-0 link-light fw-semibold lh-base" > Guide to IETF Working Groups </a> </li> <li class="nav-item"> <a href="/participate/lists/" class="link-underline-opacity-0 link-light fw-semibold lh-base" > Mailing lists </a> </li> </ul> </div> </section> <section class="col-lg"> <div class="border-bottom u-border-lg-bottom-0 border-light border-opacity-50"> <h4 class="my-0 py-4 fs-6" role="button" aria-expanded="false"> Process <i class="bi bi-chevron-down"></i> </h4> <ul class="list-unstyled opacity-75 d-grid gap-2"> <li class="nav-item"> <a href="/process/process/" class="link-underline-opacity-0 link-light fw-semibold lh-base" > Internet standards process </a> </li> <li class="nav-item"> <a href="/process/rfcs/" class="link-underline-opacity-0 link-light fw-semibold lh-base" > About RFCs </a> </li> <li class="nav-item"> <a href="/process/new-work/" class="link-underline-opacity-0 link-light fw-semibold lh-base" > Bringing new work to the IETF </a> </li> <li class="nav-item"> <a href="/process/process/role-iesg-standards-process/" class="link-underline-opacity-0 link-light fw-semibold lh-base" > The role of the IESG in the Standards process </a> </li> </ul> </div> </section> <section class="col-lg"> <div class="border-bottom u-border-lg-bottom-0 border-light border-opacity-50"> <h4 class="my-0 py-4 fs-6" role="button" aria-expanded="false"> Support us <i class="bi bi-chevron-down"></i> </h4> <ul class="list-unstyled opacity-75 d-grid gap-2"> <li class="nav-item"> <a href="/support-us/why-support/" class="link-underline-opacity-0 link-light fw-semibold lh-base" > Why we need your support </a> </li> <li class="nav-item"> <a href="/support-us/sponsorship/" class="link-underline-opacity-0 link-light fw-semibold lh-base" > Meeting sponsorship </a> </li> <li class="nav-item"> <a href="/support-us/donate/" class="link-underline-opacity-0 link-light fw-semibold lh-base" > Other ways to give </a> </li> <li class="nav-item"> <a href="/support-us/donors/" class="link-underline-opacity-0 link-light fw-semibold lh-base" > IETF financial supporters </a> </li> </ul> </div> </section> </div> </div> <div class="container my-5"> <div class="d-lg-flex justify-content-between align-items-start lh-1"> <div class="d-flex fs-4 my-5 my-lg-0 ms-n2 my-5 me-3"> <a class="d-block text-light px-2" href="https://www.linkedin.com/company/internet-engineering-task-force/" rel="me" title="LinkedIn"> <i class="bi bi-linkedin"></i> </a> <a class="d-block text-light px-2" href="https://www.twitter.com/ietf" rel="me" title="Twitter"> <i class="bi bi-twitter"></i> </a> <a class="d-block text-light px-2" href="https://www.youtube.com/ietf" rel="me" title="YouTube"> <i class="bi bi-youtube"></i> </a> <a class="d-block text-light px-2" href="https://mastodon.online/@ietf" rel="me" title="Mastodon"> <i class="bi bi-mastodon"></i> </a> <a class="d-block text-light px-2" href="https://github.com/ietf/" rel="me" title="GitHub"> <i class="bi bi-github"></i> </a> </div> <ul class=" row gx-0 column-gap-5 row-gap-3 justify-content-lg-end my-5 my-lg-0 nav opacity-75 "> <li class="nav-item col-auto py-0"> <a href="/administration/overview/" class="nav-link text-light fs-10 p-0"> IETF LLC </a> </li> <li class="nav-item col-auto py-0"> <a href="https://www.rfc-editor.org" class="nav-link text-light fs-10 p-0"> RFC Editor </a> </li> <li class="nav-item col-auto py-0"> <a href="https://www.iana.org" class="nav-link text-light fs-10 p-0"> IANA </a> </li> <li class="nav-item col-auto py-0"> <a href="https://www.iab.org" class="nav-link text-light fs-10 p-0"> IAB </a> </li> <li class="nav-item col-auto py-0"> <a href="https://www.irtf.org" class="nav-link text-light fs-10 p-0"> IRTF </a> </li> <li class="nav-item col-auto py-0"> <a href="https://trustee.ietf.org" class="nav-link text-light fs-10 p-0"> IETF Trust </a> </li> </ul> </div> </div> </footer> <script> [... document.querySelectorAll("footer section")].forEach((section) => { const heading = section.querySelector("h4"); heading.addEventListener("click", () => { const expanded = section.classList.toggle("expanded"); heading.setAttribute("aria-expanded", expanded); }); }); </script> <script>window.staticRoot = "/static/dist/";</script> <script type="text/javascript"> var _paq = window._paq || []; _paq.push(['disableCookies']); _paq.push(['trackPageView']); _paq.push(['enableLinkTracking']); (function() { var u="//analytics.ietf.org/"; _paq.push(['setTrackerUrl', u+'matomo.php']); _paq.push(['setSiteId', 1]); var d=document, g=d.createElement('script'), s=d.getElementsByTagName('script')[0]; g.type='text/javascript'; g.async=true; g.defer=true; g.src=u+'matomo.js'; s.parentNode.insertBefore(g,s); })(); </script> <noscript><p><img src="//analytics.ietf.org/piwik.php?idsite=1" style="border:0;" alt="" /></p></noscript> <script>(function(){function c(){var b=a.contentDocument||a.contentWindow.document;if(b){var d=b.createElement('script');d.innerHTML="window.__CF$cv$params={r:'9141cb80f882f8fb',t:'MTczOTkyMTMyMS4wMDAwMDA='};var a=document.createElement('script');a.nonce='';a.src='/cdn-cgi/challenge-platform/scripts/jsd/main.js';document.getElementsByTagName('head')[0].appendChild(a);";b.getElementsByTagName('head')[0].appendChild(d)}}if(document.body){var a=document.createElement('iframe');a.height=1;a.width=1;a.style.position='absolute';a.style.top=0;a.style.left=0;a.style.border='none';a.style.visibility='hidden';document.body.appendChild(a);if('loading'!==document.readyState)c();else if(window.addEventListener)document.addEventListener('DOMContentLoaded',c);else{var e=document.onreadystatechange||function(){};document.onreadystatechange=function(b){e(b);'loading'!==document.readyState&&(document.onreadystatechange=e,c())}}}})();</script></body></html>

Pages: 1 2 3 4 5 6 7 8 9 10