The emergence of applications in industry verticals based on machine-to-machine communications require control systems to be extended beyond their closed environments. Specifically, such systems that bring about physical and mechanical changes to an environment, heavily rely on their remote operations and control.

While IETF has produced standards for constrained IoT devices, industrial device operations differ in many ways. There are issues associated with the network-based remote operations in such control systems when those operations are extended beyond closed networks. These issues and candidate scenarios are captured in the following documents [1-4].

The term Operations and Control networks (OCN) describes the communication characteristics for such control systems. There are several customized and proprietary network technologies available, however a common network reference model and framework would allow operators from different verticals to leverage open protocols.

We invite IETF community to a side-meeting OCN discussion on the requirements for establishing common interfaces and functions.

Coordinates to learn more, contact those involved, &/or relevant formal or side meetings

Date : Monday 25 July (see: https://trac.ietf.org/trac/ietf/meeting/wiki/114sidemeetings#point1)

Time: 12:30 to 1:30 pm (50 minutes)

Room: Philadelphia South (Mezzanine Level)

contact: lijun.dong@futurewei.com , kiran.ietf@gmail.com

Webex: https://futurewei.my.webex.com/futurewei.my/j.php?MTID=m8482bdb06635d5ef021e6dcc11d1cd29

References:

[1] https://datatracker.ietf.org/doc/draft-km-intarea-ocn/

[2] https://datatracker.ietf.org/doc/draft-tf-ocn-ps/

[3] https://datatracker.ietf.org/doc/draft-dong-remote-driving-usecase/

[4] https://datatracker.ietf.org/doc/draft-wmdf-ocn-use-cases/

Challenges and Opportunities in Post-Quantum Cryptography for networks and protocols

Presenter, Affiliation: Sofía Celi, Brave

Short topic abstract (topics should be IETF-related in some way):

The Post-Quantum NIST process for selecting post-quantum algorithms have

reached its first milestone: selecting algorithms for confidentiality

and authentication that are safe from quantum attacks. However, these

selected algorithms have parameters or computational times that are

bigger than non-post-quantum ones, which could pose a problem for the

protocols and networks as we use them today: TLS, DNSSEC, IPSEC and

more. In this talk, we will walk to an overview of the post-quantum

algorithms, how they affect the protocols and network (challenges and

opportunities), and what we can as IETF to migrate them.

Coordinates to learn more, contact those involved, &/or relevant formal

or side meetings:

Sofía Celi, cherenkov@riseup.net, https://sofiaceli.com/PQNet-Workshop/,

https://sofiaceli.com/slides/PQC_KEMTLS.pdf ,

https://sofiaceli.com/PQNet-Workshop/dnssec.html ,

https://sofiaceli.com/PQNet-Workshop/tls.html ,

https://sofiaceli.com/2022/07/05/pq-signatures.html ,

https://datatracker.ietf.org/meeting/111/materials/slides-111-saag-how-should-the-ietf-approach-post-quantum-security-02, https://github.com/rdanyliw/ietf-pq-maintenance/blob/main/pqm-charter.md

What has the IETF ever done for Energy

Presenter: Toerless Eckert, <tte@cs.fau.de>

Affiliation: Futurewei USA

Topic Abstract:

This memo provides an overview of work performed by or proposed within the IETF related to energy and/or green: awareness, management, control or reduction of consumption of energy, and sustainability as it related to the IETF.

Target: Enlightenment, spur interest in new work

Goal: looking for collaborators

URL: https://github.com/toerless/energy

Slides: https://github.com/toerless/energy/raw/main/what-has-the-ietf-ever-done-for-energy.pdf

Internet Of Secure Elements

Presenter: Pascal Urien Telecom Paris

Abstract: Secure elements are widely used in bank cards, SIM modules, electronic passports. More than 6 billion javacards are deployed. They communicate through the ISO7816 interface, and are able to support TLS1.3 stacks. Internet of secure element is an IETF draft that defines a server (IOSE servers) based on secure element TLS server (TLS-SE). Open implementations are available on github for IOSE server and associated TLS-SE secure elements. Secure elements are identified by TLS server name (SEN), they act as a back end server connected to a front TLS server.

Secure element resources are identified by URI such as schemeS://sen:psk@server.com:port/?query, in which psk is a TLS pre-shared-key. The definition of protocols used above TLS-PSK, in order to access secure element resources, is an open issue.

References

https://datatracker.ietf.org/doc/draft-urien-coinrg-iose/05/

https://github.com/purien/IoSE

https://github.com/purien/TLS-SE

Contact

Pascal.urien@gmail.com

Attestation within TLS

Presenter: Hannes Tschofenig (Arm)

Abstract: Attestation is an important building block in modern hardware security technologies, such as confidential computing. To offer interoperability attestation formats have been standardized. These attestation tokens need to be conveyed to a relying party to be useful and we have made an attempt to integrate these tokens into the TLS handshake.

Reference: https://datatracker.ietf.org/doc/html/draft-fossati-tls-attestation-00

Contact: Hannes.Tschofenig@arm.com

The LEO satellite networking, the flying infrastructure for future Internet.

Presenter: Lin Han, Futurewei Technologies, Inc.

Abstract:

The massive number of LEO satellites connected by Inter-satellite link will make the LEO satellite network an infrastructure network. It can be integrated with the latest wireless technologies, 5G and beyond, for future Internet. 3GPP has expected that the LEO satellite network will provide the IP transport for its NTN integration architecture. As a complementary part of terrestrial network, LEO satellite network can provide truly global coverage with shorter latency for people’s communication, massive IOT and even edge computing service from space. However, all the benefits are not free. Due to the fast and special moving pattern of LEO satellite network, there are many challenges to the current IETF technologies, such as addressing, routing, multi-path, mobility, traffic engineering, security, etc. Some sporadic drafts have been in IETF recently, but there is no dedicated group for all those works. We expect that more coordinated work is done in IETF/IRTF for this area.

Beyond End-to-End security

Presenter: Phillip Hallam-Baker <phill@hallambaker.com>, Threshold Secrets LLC

End-to-End security has always been held as the gold standard for personal security. Recent events require this assumption to be reconsidered. The current model of proprietary service providers offering end-to-end security within separate walled gardens is no longer acceptable.

End-to-End security only protects the data in transit between the end-points and in storage at the service provider. It does not provide protection against key substitution attacks or compromise of the messaging applications. Nor do 'warrant canaries' provide an effective control.

Providing adequate security in the new threat environment requires that the messaging system be open and the user be in complete control of their contacts catalog. The Mathematical Mesh plus WebRTC provides such an infrastructure for messaging, voice and video modalities.

Next Steps: The Mesh + WebRTC provide more than enough mechanism to support an open, end-to-end secure and warrant resistant communication system. The question is what parts of the WebRTC infrastructure to choose. I am interested in talking to people who are interested in collaborating on such a project, in particular people with WebRTC expertise.