Report on 33st Internet Engineering Task Force Meeting

by Avi Rubin, Bellcore

The Internet Engineering Task Force (IETF) held its 33rd meeting in beautiful Stockholm, Sweden on July 17-21. The IETF has a www home page,, where more information can be found. Briefly, the IETF is the protocol engineering and development arm of the Internet. The IETF is a large open international community of network designers, operators, vendors, and researchers concerned with the evolution of the Internet architecture and the smooth operation of the Internet. It is open to any interested individual. The actual technical work of the IETF is done in its working groups, which are organized by topic into several areas (e.g., routing, network management, security, etc.).

The July meeting had about 1000 participants, up from about 850 that attended in April. The large attendance was surprising given the large number of Americans that participate in the IETF, but if you're on a limited travel budget, Stockholm is definitely a trip you don't want to miss. The conference took place at the Grand hotel, the oldest hotel in Stockholm, and situated in the heart of downtown, across the water from Old Town.

There were several working group (WG) meetings and three Birds of Feather (BOF) sessions. The working groups that met were web transaction security (WTS), authenticated firewall traversal (AFT), IP layer security (IPSEC), common authentication technologies (CAT), site security handbook (SSH). Groups that did not meet include domain name security (DNS), privacy enchanced mail (PEM), and one- time passwords (OTP). The BOF's that were held were secure socket layer (SSL), electronic payments, and SKIP. The last day of the conference was reserved for technical talks, and several talks were given on electronic payment protocols. These talks differed from the ones in the working group in that the audience consisted of the entire IETF community, rather than just the security crowd.

By far the most controversial sessions were the two electronic payment BOF's. The meetings were chaired by Amir Herzberg of IBM. The first meeting consisted of two hours of technical presentations of various protocols for electronic payment. Among the presentations were iKP by Gene Tsudik of IBM, Netscape's e-payment scheme presented by Taher ElGamal, secure transaction technology by Microsoft/Visa, Cybercash by Steve Crocker and Don Eastlake, Netcheck by Cliff Neuman of USC/ISS, and also presentations by Win Treese of OpenMarket and Spyglass. One observation made by many is that most of the payment protocols resembled each other not only architecturally, but in the messages as well. This was encouraging towards the possibility of merging the protocols into one standard.

Then came the second session. The purpose of this session was to discuss the formation of a working group and a draft charter that was proposed by Amir. It was an interesting and often fiery discussion that resulted. At one point it seemed that no working group should be formed, then a bit later, it appeared that 4 or 5 working groups might be needed. In the end, a consensus was reached (an IETF word meaning that nobody is really happy, but the fewest number of people don't like the idea) that the best idea would be to have one or two working groups with a very narrow focus, designed to solve a particular problem. It was also agreed to ignore the fact that the credit card companies plan to announce their protocol in September. Within the 24 hours following the second meeting, there were two draft proposals submitted to Jeff Schiller, the area director for security. For more information on the electronic payments activity, there are two mailing lists: for general discussion and for charter and working group information. To subscribe to either of these lists, send mail to
with: 'subscribe group-name' in the body of the message. The archives are in EPAY-i and PAYMENTS-i.

In the SSL BOF, Taher ElGamal did not present the SSL scheme. This was presented at the previous meeting in Danvers last April. Instead, the group discussed the viability of having an IETF standard for a commercial product. Also, it was suggested that this work might belong in the web transaction security group. Finally, a consensus was reached that it probably is worthwhile to have a separate group devoted to session layer security so that kernel modifications are not necessary. The SSL draft will be the first draft submitted to the session layer security group, and ElGamal assured that Netscape would give change control of the draft to the working group (although no papers were signed). One other interesting point is that there was general agreement that X.509 certificates should not be a requirement for session layer security. The mailing list for the group is, and to subscribe, send mail to

In the IPSEC meeting, Mark Schertler of the NSA presented the ISAKMP framework for key management message exchanges. It was generally agreed that this is a good idea, although it was suggested by Steve Bellovin that it might be too flexible. The details are being worked out. The other key management protocol is Photuris. The author, Phil Karn, was not present, and this proposal was not discussed at the meeting. Meanwhile, the following documents have been moved to proposed standard: draft-ietf-ipsec-arch-00.txt -esp- -auth- -esp-des-cbc-03.txt -ah-md5-02. That means that there will be a general last call for comments, and when they are approved by the IESG, they will become RFC standards. At the end of the meeting, Don Eastlake presented the work being done by DNS security and how it ties in with IPSEC because there was no DNS security meeting this time. Basically, the work being done by the DNS is to include information containing certificates within the domain name structure to distribute long-term keys. The mailing list for IPSEC is at, and the archive can be found at

The web transaction security (WTS) working group is chaired by Charlie Kaufman. The first speaker was Simon Cooper from Network Services at Rutgers. He presented an API called RUSSL ( which provides the following services: an encrypt channel, service authentication, client authentication (If service request it), message authentication, protection against message replay, and status callback that allow GUI applications to provide transaction progress. The next speaker was Doug Rosenthal from EINet Corp. He proposed a new URL type, gss_http, which would provide a GSSAPI for web transactions. Other speakers were Alan Schiffman who discussed some issues with regard to SHTTP, and then Simon Cooper spoke again about the requirements for WTS. The session ended with a decision to come up with a requirements document within the next month.

The AFT group is working on standardizing SOCKS version 5. SOCKS provides proxy services. The current draft is draft-ietf-aft-socks-protocol-v5-03.txt, which is undergoing several revisions. The BOF on SKIP demonstrated that there might be more than one approach to key management at the IP layer. SKIP differs from other proposals in that there is no key management. Instead, key information is embedded in every IP packet. There is some resistance to this in the IPSEC, but Schiller suggested that if the IPSEC crowd does not get their act together, SKIP might stand a good chance because it is available and it works.

The CAT working group met for two sessions at the Stockholm IETF. Topics related to active documents included GSS-V2 (to receive another set of specific revisions at the Internet-Draft level, and then to be recommended for advancement to Proposed Standards), IDUP (where revised interface specs and a new mechanism spec were discussed, with standards advancement to be considered at the next IETF), GSS-API Negotiation, Kerberos mechanism and extensions, FTP Security (to be recommended for advancement to Proposed Standard after inclusion of clarifying revisions), and a presentation of a new mechanism based on FIPS PUB JJJ cryptography. Presentations on work in progress included GSS-API integration into World-Wide Web browsers and servers, loadable GSS-API multi-mechanism support, and discussion of use of RFC-1731 as a generic framework for integration of security tokens into text-based applications. The group also discussed a range of candidate follow-on topic areas related to authorization, and identified a subset with apparent common value and feasibility for proposals and work by group members.

The OTP group did not meet. It is currently working on standardizing the S/KEY. The PEM group did not meet as well. The MOSS documents in that group are moving along through the standards process, and Jeff Schiller is considering closing down the PEM group after that.

Finally, at the end of the IETF conference, the Security Area Advisory Group (SAAG) met. In this meeting, all of the security work that took place at the conference was summarized, including reports from all the working groups. Jeff Schiller, the area director for security, ran the meeting. Amir Herzberg suggested that it might make sense to have a special working group devoted to key management for hosts, rather than have each group come up with key management protocols. Schiller dismissed the idea pointing out that in a sense, this is what IPSEC is doing anyway.

The next IETF meeting will be in Dallas, Texas on December 4-8, 1995. 1995. For more information see