IETF shuns call for wiretapping protocol

A string of new Internet protocols are on the agenda at the 47th Internet Engineering Task Force meeting in Adelaide, Australia this week - but a standard for wiretapping isn't among them.

A proposal to develop protocols that would make it easier for law enforcement agencies to intercept communications over the Internet was the centerpiece of the IETF's last meeting, in November. In a heated debate, a majority of the participants rejected the proposal.

The IETF responded two weeks ago by issuing a new policy against building a wiretapping capability into the protocols that underlie the Net. The policy states that the international standards development group is the wrong forum for designing protocols to meet the wiretapping laws of specific countries. The policy also says built-in wiretapping would lessen the security and increase the complexity of Internet protocols.

The wiretapping decision is a boon to network managers, many of whom feared that any hole built into the Net for legitimate law enforcement purposes would be abused by hackers.

"IETF's policy against adding wiretapping support in protocols means that the security of IETF protocols will not be compromised in the name of adding wiretapping support," says Keith Moore, a co-director of the IETF's applications area.

With the wiretapping issue resolved, the IETF is focusing on protocols for wireless and secure applications, among others.

The plenary session tomorrow night will explore the Wireless Application Protocol, a method of accessing Web-based data over cellular phones that is being developed by the WAP Forum. The IETF is looking for ways to integrate WAP with protocols such as IPv6, the next generation of the Internet's main communications protocol, and MobileIP, which allows nodes using either IPv6 or the current IPv4 protocol to roam.

The IETF also will update attendees on the findings of a recent workshop held on the readiness of IP to support wireless applications such as cellular telephones, satellite-based processing and aircraft telemetry.

"The question is what do we need to do to make Internet technology work well in a wireless world?" says IETF chair Fred Baker. "If we can make network congestion and loss two different things, lo and behold, Internet technology will work for wireless."

In the security area, the IETF is considering a proposal nicknamed itrace that would help ISPs find the original machine sending denial-of-service attacks like those that felled several popular Web sites in February. A draft document about itrace was submitted to the IETF two weeks ago by Steve Bellovin, a security expert from AT&T Laboratories.

"What itrace is dealing with is when someone starts sending one of these denial-of-service streams, you want to identify the machine it's coming from," Baker says. "Often it's set up so that it looks like the stream is coming from other addresses. We're trying to figure out a way to quickly isolate the specific source of the stream."

Other hot topics at this week's meeting:

A joint effort with the International Telecommunication Union to develop a protocol to break up the controller and gateway functions in large telephone switches to create smaller, more flexible and less expensive systems. Coming out of the IETF's megaco group, this protocol is likely to be finished at the meeting.

A proposed effort called IP Storage will look at ways to attach SCSI disk drives directly to IP networks to create faster, more efficient and better-managed storage-area networks. The IP Storage group is holding a preliminary session at the Adelaide meeting.
