Skip to main content
  • New Internet Architecture Board, IETF Trust, IETF LLC and Internet Engineering Task Force Leadership Announced

    Members of the incoming Internet Architecture Board (IAB), the IETF Trust, the IETF Administration LLC (IETF LLC) Board of Directors, and the Internet Engineering Steering Group (IESG)—which provides leadership for the Internet Engineering Task Force (IETF)—have been officially announced, with new members selected by the 2021-2023 IETF Nominating Committee.

      13 Feb 2023
    • Informing the community on third-party correspondence regarding the W3C

      In accordance with our policy of transparency, this blog post is being published in order to keep the community informed about recent correspondence with lawyers acting on behalf of the Movement for an Open Web.

      • Lars EggertIETF Chair
      8 Feb 2023
    • Six Applied Networking Research Prizes Awarded for 2023

      Six network researchers have received Internet Research Task Force Applied Networking Research Prize (ANRP), an award focused on recent results in applied networking research and on interesting new research of potential relevance to the Internet standards community.

      • Grant GrossIETF Blog Reporter
      9 Jan 2023
    • Travel grants allow Ph.D. students to participate at IETF meeting in-person

      Sergio Aguilar Romero and Martine Sophie Lenders, both Ph.D. students in technology fields, attended and participated in the IETF 115 meeting in London with assistance through travel grants from the Internet Research Task Force.

      • Grant GrossIETF Blog Reporter
      7 Jan 2023
    • Impressions from the Internet Architecture Board E-Impact Workshop

      The IAB ran an online workshop in December 2022 to begin to explore and understand the environmental impacts of the Internet. The discussion was active, and it will take time to summarise and produce the workshop report – but the topic is important, so we wanted to share some early impressions of the outcomes.

      • Colin PerkinsIAB Member
      • Jari ArkkoIAB Member
      6 Jan 2023

    Filter by topic and date

    Filter by topic and date

    IETF 104: Internet of Things (IoT) Wrapup

    • Steve Olshansky

    20 May 2019

    At IETF 104, there was a great deal of activity related to various aspects of the IoT ecosystem across numerous working groups, Birds-of-a-Feather gatherings, the Thing-to-Thing Research Group (T2TRG), as well as side conversations. The IETF Hackathon preceding IETF 104, as well as spontaneous conversations in hallways and over meals around IETF 104, were also fruitful.

    For those interested in following or participating in IoT-related standards development, IETF working groups (WGs) are open to any interested individual. Much of the work of the IETF takes place on mailing lists and links to details about respective WG email lists, including information about subscribing and list archives, are included in the working group information towards the end of this post. But first, a summary of activities at IETF 104 assembled from contributions by, and thanks to, Henk Birkholz, Eliot Lear, Michael Richardson, and Mohit Sethi, followed by links to work undertaken at the recent IETF Hackathon and to ongoing IoT-related working groups as well as the T2TRG.

    Remote ATtestation ProcedureS (RATS) Working Group

    Henk Birkholz

    The RATS working group is aiming to provide answers to questions of how to imbue with trustworthiness the things that compose the Internet itself. A broad foundation is required to establish trust in network equipment, conveyance protocols, and the entities that govern them. Therefore, the working group anticipates participants from manufactures, vendors, various standards development organizations (SDOs), and other standards experts in the field of trust relationships and trusted computing. The aim is to bring these experts together in order to discuss and create the necessary protocols required to distribute believable evidence about the veracity of the things that compose the Internet.

    Creating the concept of "Forward Authenticity” is one of the first steps being taken. Providing indisputable evidence about the trustworthiness of the things that compose the Internet, in an inter-operable manner, is another goal of the RATS working group. The RATS working group has outlined many topics that have to be addressed in this domain and will continue to evolve systematically a corresponding roadmap to address them.

    Thing-to-Thing Research Group (T2TRG)

    Eliot Lear and Mohit Sethi

    The Thing-to-Thing research group (T2TRG), under the Internet Research Task Force (IRTF), investigates open research issues towards turning the promise of IoT into reality. The research group held reported on their recent activities during their session in Prague, and held a further working meeting to follow up.

    Earlier this year, the seminal document on IoT security considerations from T2TRG cleared its last milestone and was approved for publication as an informational RFC by the Internet Engineering Steering Group (IESG). T2TRG is also discussing two new pieces of work:

    • Constrained Internationalized Resource Identifiers describes a mechanism to encode URI components in Concise Binary Object Representation (CBOR) instead of the typical string of ASCII characters. This can simplify parsing and comparison of URIs in resource-constrained environments.
    • Constrained RESTful Application Language (CoRAL) defines a data and interaction model that can allow software agents (automated scripts) to navigate a Web application based on a standardized vocabulary of links and forms and relation types.

    IoT bootstrapping work is also underway in the IETF. Many small office and home (SOHO) IoT devices re-use the existing Wi-Fi infrastructure for connecting to the Internet. These deployments typically rely on a network-wide shared-secret for joining the network. This is also commonly referred to as WPA2-PSK mode. However, the security of a shared passphrase becomes highly questionable when large numbers of physical devices–from toys to bathroom scales to doorbells to thermostats–are connected to the network. The per-device credentials provided by 802.1X will be necessary to prevent one insecure device from compromising the security of others on the same wireless network. There is currently ongoing discussion in the community on how IETF standards such as EAP (Extensible Authentication Protocol) can be employed for this purpose.

    Full details and the latest information about T2TRG activities can be found in GitHub.

    Large organizations obviously also require centralized management, both in terms of how devices get credentials, and establishing accountability for those devices. When hundreds of the same type of a device are connected, automation is a requirement. On the other hand, such a trusted introduction also introduces additional and potentially lasting dependencies on additional parties. The IETF is currently working on mechanisms such as Bootstrapping Remote Secure Key Infrastructure (BRSKI) which are being adopted by others.

    After the IETF 103 meeting, a mailing list was also formed to discuss these topics, and participants have begun to catalog the mechanisms that are available. Discussions at IETF 104 were used refine that work.

    Lightweight Implementation Guidance (LWIG)

    Eliot Lear and Mohit Sethi

    The LWIG working group is providing useful implementation guidance to IoT developers. Among other things, the working group is currently working on a draft that defines how various standard elliptic curves such as NIST P-256, Curve25519 and Ed25519 can efficiently re-use the same underlying implementation. Since the last IETF meeting, this draft has received a review from Crypto Forum Research Group (CFRG) of the IRTF. Updates to this and other documents were discussed during the working group session.

    Other meeting highlights

    Other IoT-related highlights of the IETF 104 meeting included:

    IETF Hackathon

    The IETF Hackathon preceding the IETF 104 meeting included several IoT-related projects:

    • HOMENET (Home Networking), DNSSD and the Internet of Things

    • Internet of Things with RIOT

    • IP Wireless Access in Vehicular Environments (IPWAVE) Basic Protocols

    • (IPv6 over Low Power Wide-Area Networks) LPWAN CoAP/UDP/IPv6 SCHC compression and fragmentation

    • RPL over BLE using NimBLE and RIOT

    • Secure IoT bootstrapping with Nimble out-of-band authentication for EAP (EAP-NOOB)

    • SUIT (Software Updates for Internet of Things) IoT Firmware Update Metadata

    • TEEP (Trusted Execution Environment Provisioning) Interop for Open Trust Protocol (OTrP)

    • WISHI (Work on Semantic/Hypermedia Interoperability)

    The IETF Hackathon wiki has additional details on all the projects worked on in Prague.

    IoT-related Working Group materials from IETF 104

    Here are links to IoT-related Working Group information, including materials and video recordings from sessions at IETF 104:

    6lo (IPv6 over Networks of Resource-constrained Nodes) WG

    6tisch (IPv6 over the TSCH mode of IEEE 802.15.4e) WG

    ace (Authentication and Authorization for Constrained Environments) WG

    core (Constrained RESTful Environments) WG

    homenet (Home Networking) WG

    ipwave (IP Wireless Access in Vehicular Environments) WG

    lpwan (IPv6 over Low Power Wide-Area Networks) WG

    lwig (Light-Weight Implementation Guidance) WG

    opsawg (Operations and Management Area) WG

    rats (Remote ATtestation ProcedureS)

    roll (Routing Over Low power and Lossy networks) WG

    suit (Software Updates for Internet of Things) WG

    t2trg (Thing-to-Thing) RG

    teep (Trusted Execution Environment Provisioning) WG

    About the author

    Steve Olshansky is the Internet Technology Program Manager at the Internet Society, based in Colorado, United States.  

    Share this page