Liaison statement
LS on Towards a common definition of Zero Trust
Additional information about IETF liaison relationships is available on the
IETF webpage
and the
Internet Architecture Board liaison webpage.
| State | Posted |
|---|---|
| Submitted Date | 2025-05-13 |
| From Group | ITU-T-SG-17 |
| From Contact | Xiaoya Yang <tsbsg17@itu.int> |
| To Group | secdispatch |
| To Contacts | Rifaat Shekh-Yusef <rifaat.s.ietf@gmail.com> Daniel Gillmor <dkg@fifthhorseman.net> |
| Cc | Deb Cooley <debcooley1@gmail.com> Scott Mansfield <Scott.Mansfield@Ericsson.com> Rifaat Shekh-Yusef <rifaat.s.ietf@gmail.com> Security Dispatch Discussion List <secdispatch@ietf.org> Paul Wouters <paul.wouters@aiven.io> Daniel Gillmor <dkg@fifthhorseman.net> itu-t liaison <itu-t-liaison@iab.org> |
| Response Contact | Arnaud.Taddei@broadcom.com zoesc.park@sch.ac.kr zhangchen@cmdi.chinamobile.com |
| Purpose | For action |
| Deadline | 2025-11-30 Action Taken |
| Attachments | sp18-sg17-oLS-00022 |
| Liaisons referring to this one |
Reply to [2001] LS on Towards a common definition of Zero Trust
|
| Body |
Abstract: This liaison statement invites other SDOs to consider participating in a collaborative effort to develop a common definition of Zero Trust as a security design principle. ITU-T Study Group 17 has been actively working on security design principles for several years as part of a broader initiative to address the issue of the absence of a commonly agreed international model and meta-model for cyber security. In support of this initiative: - several work items have been launched under the Framework for Cyber Security Reference Architectures Models and Methodologies Strategy and Roadmap (CRAMM), and these are currently under development, - a correspondence group on Security Capabilities and Architectures (CG-SECAPA) is actively contributing to this effort; and - a dedicated workshop on Zero Trust and software supply chain security was organized by ITU-T Study Group 17 in Korea on 28th of August 2023. In this context ITU-T Study Group 17 has identified the lack of a globally recognized definition for Zero Trust as a security design principle as a growing challenge—both for standards development and for the broader cybersecurity ecosystem. The absence of a common definition is contributing to fragmentation and inconsistency across standards and markets. ITU-T Study Group 17 is therefore reaching out to other SDOs that may have observed similar challenges and who may be interested in joining a collaboration effort to define Zero Trust in a clear, consistent and internationally applicable manner. |