2 \begin{frame}{post-Snowden}
4 \item After the Snowden Leaks appeared in press the IETF began discussion on how
5 `'pervaisive monitoring'' can be prevented
6 \item In September 2013 the `'PERPASS'' (pervaisive, passive monitoring) mailing list was started
7 \item People started working on drafts to circumvent `'pervaisive monitoring'': http://down.dsg.cs.tcd.ie/misc/perpass.txt
13 \item IETF 89 was accompanied by a meeting on the topic (STRINT) with invited speakers on privacy, security and cryptography: https://www.w3.org/2014/strint/
14 \item `'strenghtening the internet against pervaisive monitoring''
15 \item a lot of good feedback and ideas
16 \item main takeaways: threat modeling, CFRG was tasked with TLS-WG guidance on choices of ciphers and which curves/parameters (ECC) to use
19 \url{http://tools.ietf.org/html/draft-iab-strint-report-00}
23 \begin{frame}{New WGs and documents being worked on }
25 \item UTA-WG (utilizing TLS in applications): working BCPs on how to properly use/implement TLS
26 \item TLS-WG (transport layer security): TLS 1.3, chacha20-poly1305, DJB curves (ECC), FALLBACK\_SCSV extension,..
27 \item TCPINC (TCP increased security): working on standardization of opportunistic encryption on the TCP layer (similar to tcpcrypt)
28 \item DPRIVE (DNS private exchange): working on DNS privacy features
29 \item IAB (internet architecture board): threat model, see: https://tools.ietf.org/html/draft-iab-privsec-confidentiality-threat
34 \begin{frame}{Curves Curves Curves}
36 \item CFRG (cryptography forum research group within IRTF) is working on a standardized set of curves and curve parameters for IETF WGs: expected by the end of 2014
37 \item + Curve25519 (dan bernstein, et al.)
38 \item + NUMS (microsoft)
39 \item + ed448goldilocks (michael hamburg)
41 In comparison to NIST curves: most new proposals are plugable into existing standards and can be reused within protocols and IETF documents.
45 ..A lot more going on within IETF, but I can barely keep up with TLS-WG due to work currently..