Russ Housley is the first chair of the IETF with a particular expertise in network security. Housley, who runs consulting firm Vigil Security, has been active in the IETF (Internet Engineering Task Force) for nearly 20 years and helped write early email security and public key infrastructure standards. Three months into his job as chair of the leading internet standards body, Housley talked with Computerworld about his strategy for bolting better security onto the freewheeling internet.
What do you hope to accomplish as IETF chair?
My focus as IETF security area director was continuous, incremental improvement of the security of the internet. As IETF chair, I want to continue with that. I also want to pursue continuous, incremental improvement of the entire internet and continuous, incremental improvement of the IETF standards process.
What do you mean when you say your goal is continuous, incremental improvement for the internet overall? Can you give three specific goals?
Rollout of IPv6 is clearly one of them. Another is rollout of DNS security. And my personal hope is that the SIDR [secure inter-domain routing] working group leads to security improvements in internet routing.
Why take on this time-consuming volunteer job?
I don’t have a good answer for that. I care about the community. I guess that is what it really comes down to. I could only do it because I got a sponsor. VeriSign is giving me a cheque a month, and the National Security Agency is paying my travel costs. Vigil Security is my own business. It’s just me, and my wife pays the bills.
How long do you expect to be IETF chair?
My term is two years, and then I’ll make an assessment. It’s not fair to ask me three months into the job whether I’ll seek another term. My predecessor said it took a year to learn the job and another year to get comfortable doing it. Just as you’re getting comfortable, your term is over.
You are the first security expert to head the IETF. Why is it important to have a security expert lead the group now?
Being a good manager and a security guy are not mutually exclusive. Clearly we need someone to continue the security improvements that have been started by [the two previous IETF chairs]. Security is where the internet has the biggest need for improvement. So I look forward to working with the two area directors that have security as their key focus. Maybe with the three of us, we’ll be able to make more rapid progress.
Many of the IETF’s original protocols were designed without built-in security. How hard will it be for the IETF to go back and rework these protocols to require security?
Usually bolting security on after the fact leads to an incomplete solution, but that’s what we’re going to have to have. It’s not possible to turn off the internet today and start up the secure internet tomorrow. It just can’t be done, and no one would tolerate the outage if we could. The genesis of my continuous, incremental improvement philosophy is realising that we can’t turn off the insecure internet and turn on a more secure internet even if we had consensus for what that meant.
Do IETF participants have the will to go back and fix insecure parts of the internet? For example, everyone knows about the lack of security in HTTP, but there seems little will within the IETF to fix the HTTP authentication problem.
That’s because in the case of HTTP, and I suspect in many others, there’s little agreement about what’s the most important security feature to add. When you say that we’ll just fix the most egregious things, then you get into an argument about where to draw the line.
In the case of HTTP, the biggest concern is authentication and that is primarily solved by transport layer security (TLS). Why not mandate TLS? That’s a very good question. There’s not a web server on the market that doesn’t have TLS. Will we have the will to fix the security problems? Sometimes. Domain keys identified mail is an add-on to the mail environment that we’re developing. The work was done in the security area, but the whole idea came from the applications folks. I think we’ll continue to see approaches like that where we can each see the benefits. But it’s not going to be a complete overhaul of the email system. Instead, it will be a fix for a particular concern.
Has there been a shift in attitude about security in the IETF in recent years?
Certainly. People think about security now, but for many people it’s not the primary reason they are here. They’re here to add a routing feature or add a particular capability to a particular application or to improve deployability of IPv6 or something like that.
The debate on IPv6 seems to have changed significantly this year, from a futuristic possibility to an inevitability. What is your view of IPv6 deployment — when and how it will happen?
When it will happen is sooner rather than later. But I think that the business model for the large internet service providers still has to do with it.
When they can make money from IPv6 is when they’ll roll it out. The cost pressures on getting more IPv4 addresses will tilt the scale eventually. [IETF participant] Geoff Houston gave a talk on how fast IPv4 addresses are being given out. He has a projected date for when he thinks they are going to run out. He thinks it’s March 2010.
My view is that enterprises need to start planning for IPv6 now because it’s coming. We need to have people deploy IPv6 now so that the entire internet supports both [IPv4 and IPv6] stacks so that the transition can be more smooth.
What advice would you offer to corporate network managers about IPv6 adoption?
Start now. I think that the profile work that [the National Institute of Standards and Technology] is doing will serve as a good starting place for any enterprise that’s starting that endeavour. Leverage their work.
What do you see as the most exciting work going on in the IETF right now?
I think Hokey is very exciting. It involves handover-keying. I think it’s exciting because it’s an attempt to allow secure handover across different kinds of networks, including wired and wireless and various different types of wireless so a mobile device can move across those networks seamlessly and securely. It would be a very important infrastructure element to the future of the internet that many of us see.
The group has met only two or three times. There’s a lot of interesting work going on in the IETF, but if you want to know which one is tearing down big barriers, that’s Hokey.
What are the IETF’s biggest challenges going forward?
Establishing better working relationships through liaisons to other standards development organisations, especially the International Telecommunication Union Telecommunications Standards Sector and Third Generation Partnership Project.
How is the IETF doing in terms of attendance and of administrative
Things are significantly improved, although we still need to deal with some things on the financial front. Our revenue is lower than we expected, so we need to do some things. We had lower attendance at this meeting. We’re about 90 people short of our projections. Where is the shortage coming from? Some Chinese participants are not here because of visa issues. Some Cisco folks aren’t here because of a meeting with a big customer. But that doesn’t account for 90 people. Our attendance at this meeting is 1,146 people. Our Montreal meeting last summer was 1,236.
Is the IETF still doing the most important standards work on the internet?
I think so. I wouldn’t have done this job if I thought the IETF was plummeting. I think we have the coolest work going. Other standards groups are totally dependent on us keeping the internet working well.